CVE-2008-0485

Published: 5 February 2008

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.

Priority

Status

Package	Release	Status
mplayer Launchpad, Ubuntu, Debian	dapper	Released (2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.2)
	edgy	Released (2:0.99+1.0pre8-0ubuntu8.3)
	feisty	Released (2:1.0~rc1-0ubuntu9.3)
	gutsy	Released (2:1.0~rc1-0ubuntu13.2)
	upstream	Needed
	Patches: other: https://bugs.launchpad.net/ubuntu/+source/mplayer/+bug/191488

References

https://www.cve.org/CVERecord?id=CVE-2008-0485
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/mplayer/+bug/191488

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›