Friday, February 01, 2008

Security Vulnerability on MPlayer

Two days ago, MPlayer team has released a security vulnerability announcements that affects MPlayer 1.0rc2 and SVN before r25824. Here's the small description about the bug:
A buffer overflow was found and reported by Adam Bozanich of Musecurity in the code used to extract album titles from cbbd server answers.

When parsing answers from the cddb server, the album title is copied into a fixed-size buffer with insufficient checks on its size, and may cause a buffer overflow. A malicious database entry could trigger a buffer overflow in the program, that can lead to arbitrary code execution with the UID of the user running MPlayer.
As usual, they response quickly by providing a patch and it has been commited to the SVN Server.

Packagers... go grab the patch and build the package big grin