CVE-2008-1558
Published: 31 March 2008
Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow.
Priority
Status
Package | Release | Status |
---|---|---|
mplayer Launchpad, Ubuntu, Debian |
dapper |
Released
(2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.3)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Released
(2:1.0~rc1-0ubuntu13.3)
|
|
hardy |
Released
(2:1.0~rc2-0ubuntu13)
|
|
intrepid |
Not vulnerable
|
|
upstream |
Needed
|