The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of MPlayer: integer overflow via DMO

Synthesis of the vulnerability

While playing a DMO file, an integer overflow can occur in MPlayer and lead to code execution.
Impacted products: Debian, Mandriva Linux, openSUSE, Slackware, SLES, TurboLinux, Unix (platform) (not comprehensive).
Severity of this bulletin: 2/4.
Creation date: 01/03/2007.
References for this threat: BID-22771, CERTA-2007-AVI-122, CVE-2007-1246, DSA-1536-1, MDKSA-2007:055, MDKSA-2007:057, SSA:2007-109-02, SUSE-SR:2007:005, SUSE-SR:2007:007, TLSA-2007-33, VIGILANCE-VUL-6597.

Description of the vulnerability

The MPlayer program plays video files. These files can be located on the user's computer, or downloaded and played live from the Internet.

When a DMO (Windows Media) file is read, the biSize variable of the video format header is not checked, which can lead to an integer overflow.

This vulnerability permits a remote attacker to run code with the rights of the MPlayer user.
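The defect described above is a missing sanity check on a size field that a file controls before it is used for allocation and copying. The following C program is an added example of the class of check a decoder should perform; it is not MPlayer's code and not the content of the MPlayer patch referenced in this bulletin. The 40-byte header layout, the BIH_MAX_SIZE cap, and the sample buffers are constructed for this example only.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Stand-in for a BITMAPINFOHEADER-style video format header: biSize is the
 * total header size declared by the file (the 40 fixed bytes plus any
 * codec-specific bytes that follow). The cap below is an arbitrary sanity
 * limit chosen for this example, not a value from the bulletin. */
#define BIH_BASE_SIZE 40u
#define BIH_MAX_SIZE  (64u * 1024u)

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Returns 0 if a header declaring biSize bytes can be used safely when only
 * avail bytes of input are present; -1 otherwise. Every comparison is done
 * before any arithmetic on biSize, so a huge value cannot wrap first. */
int validate_bih_size(uint32_t biSize, size_t avail) {
    if (biSize < BIH_BASE_SIZE) return -1;  /* too small to hold the fixed fields */
    if (biSize > BIH_MAX_SIZE) return -1;   /* absurd declared size */
    if ((size_t)biSize > avail) return -1;  /* declared size exceeds bytes we have */
    return 0;
}

/* Makes a private copy of the declared header plus `extra` bytes of padding,
 * as a decoder would before handing the format to a codec. Returns NULL and
 * allocates nothing when the header is rejected. */
uint8_t *copy_format_header(const uint8_t *buf, size_t len, size_t extra,
                            size_t *out_len) {
    if (len < 4) return NULL;                      /* cannot even read biSize */
    uint32_t biSize = rd_le32(buf);
    if (validate_bih_size(biSize, len) != 0) return NULL;
    if (extra > SIZE_MAX - biSize) return NULL;    /* biSize + extra would wrap */
    size_t total = (size_t)biSize + extra;
    uint8_t *copy = calloc(1, total);
    if (!copy) return NULL;
    memcpy(copy, buf, biSize);                     /* bounded by the checks above */
    if (out_len) *out_len = total;
    return copy;
}

/* Constructed sample: a zeroed header region with the given biSize written
 * little-endian at offset 0. */
void make_sample(uint8_t *buf, size_t len, uint32_t biSize) {
    memset(buf, 0, len);
    buf[0] = (uint8_t)biSize;
    buf[1] = (uint8_t)(biSize >> 8);
    buf[2] = (uint8_t)(biSize >> 16);
    buf[3] = (uint8_t)(biSize >> 24);
}

/* Feeds four constructed samples (48 available bytes each) through the copy
 * routine and returns a bitmask of which ones were accepted: bit i set means
 * sample i passed. Only the consistent header (biSize == 48) should pass. */
unsigned check_constructed_samples(void) {
    static const uint32_t sizes[4] = { 48u, 20u, 100u, 0xFFFFFFFFu };
    uint8_t buf[64];
    unsigned accepted = 0;
    for (unsigned i = 0; i < 4; i++) {
        make_sample(buf, sizeof buf, sizes[i]);
        size_t out = 0;
        uint8_t *h = copy_format_header(buf, 48, 8, &out);
        if (h) { accepted |= 1u << i; free(h); }
    }
    return accepted;
}

int main(void) {
    unsigned mask = check_constructed_samples();
    printf("accepted sample mask: 0x%x (expected 0x1)\n", mask);
    return mask == 1u ? 0 : 1;
}
```

The order of the checks matters: the declared size is compared against fixed bounds and the available input before it takes part in any addition, and the padding addition is guarded against wrapping separately. A decoder that computed `biSize + extra` first and only then compared the result to the buffer would still accept a value near the top of the 32-bit range.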

This weakness announcement affects software or systems such as Debian, Mandriva Linux, openSUSE, Slackware, SLES, TurboLinux, Unix (platform) (not comprehensive).

Our Vigil@nce team determined that the severity of this vulnerability alert is medium.

The trust level is: confirmed by the vendor, with an origin of: document.

An attacker with expert skills can exploit this computer threat announcement.

Solutions for this threat

MPlayer: patch for DMO.
A patch is available:
  http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c?r1=22019&r2=22204

Debian: new libxine packages.
New packages are available:
Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/x/xine-lib/libxine*_1.0.1-1sarge7_*.deb
Debian GNU/Linux 4.0 alias etch
  http://security.debian.org/pool/updates/main/x/xine-lib/libxine*_1.1.2+dfsg-6_*.deb

Mandriva: new mplayer packages.
New packages are available:
 Mandriva Linux 2007.0:
 c79b106f66ef06c04a656adbd2dd5caa 2007.0/i586/libdha1.0-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 5a596579a15d7092b559bbbd6c319167 2007.0/i586/mencoder-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 dd6293fb4f03bd361932e385d07f8918 2007.0/i586/mplayer-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 0b7a8a5af99b3a3975a3f0f9e0b5c70a 2007.0/i586/mplayer-gui-1.0-1.pre8.13.1mdv2007.0.i586.rpm
 e90776605fb7d8b2c6c9845431dff696 2007.0/SRPMS/mplayer-1.0-1.pre8.13.1mdv2007.0.src.rpm
 Mandriva Linux 2007.0/X86_64:
 3ccbf6766332228912f9ca86673ee082 2007.0/x86_64/mencoder-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm
 d5544ee7ba584ad39c78221947d9f763 2007.0/x86_64/mplayer-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm
 7485610e6dae090636fb34c7c41c9343 2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.1mdv2007.0.x86_64.rpm
 e90776605fb7d8b2c6c9845431dff696 2007.0/SRPMS/mplayer-1.0-1.pre8.13.1mdv2007.0.src.rpm
 Corporate 3.0:
 c856e0fc1743cd8f623d7ee8f9e6ffe3 corporate/3.0/i586/libdha0.1-1.0-0.pre3.14.9.C30mdk.i586.rpm
 1350f9e69fd481e17b707a94fb1bc74a corporate/3.0/i586/libpostproc0-1.0-0.pre3.14.9.C30mdk.i586.rpm
 98d7ca9b74490afb20c44efe098761fa corporate/3.0/i586/libpostproc0-devel-1.0-0.pre3.14.9.C30mdk.i586.rpm
 536f8ad600598e2cffce436c1c0e695f corporate/3.0/i586/mencoder-1.0-0.pre3.14.9.C30mdk.i586.rpm
 208ea2e10312f1cba5989ecbf43956f3 corporate/3.0/i586/mplayer-1.0-0.pre3.14.9.C30mdk.i586.rpm
 1ff79a1c5e08b898a14010305797893c corporate/3.0/i586/mplayer-gui-1.0-0.pre3.14.9.C30mdk.i586.rpm
 20150c93e21037f29585075932eb7ef0 corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.9.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 823d5b19da1feead69cb245cbea24ec3 corporate/3.0/x86_64/lib64postproc0-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 b4839689ed4d7fd56198b266a913eda6 corporate/3.0/x86_64/lib64postproc0-devel-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 f522ed8f9e28c712af8820a21635a387 corporate/3.0/x86_64/mencoder-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 91bb9c93d8d71e8978a0dfc9ba5f7b6e corporate/3.0/x86_64/mplayer-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 10196940030f359d04c345e55c8c98fb corporate/3.0/x86_64/mplayer-gui-1.0-0.pre3.14.9.C30mdk.x86_64.rpm
 20150c93e21037f29585075932eb7ef0 corporate/3.0/SRPMS/mplayer-1.0-0.pre3.14.9.C30mdk.src.rpm

Mandriva: new xine-lib packages.
New packages are available:
 
 Mandriva Linux 2007.0:
 241273125b4e2014a0fa1580c7ed0413 2007.0/i586/libxine1-1.1.2-3.3mdv2007.0.i586.rpm
 e2855220283ec658301068cf00bb266a 2007.0/i586/libxine1-devel-1.1.2-3.3mdv2007.0.i586.rpm
 b98b3376e156fb87a34f30aad34e65e5 2007.0/i586/xine-aa-1.1.2-3.3mdv2007.0.i586.rpm
 88d1b8d538dcff220bf528674d0bf5b0 2007.0/i586/xine-arts-1.1.2-3.3mdv2007.0.i586.rpm
 ce54bd05bd941b2224c549bf685c0a08 2007.0/i586/xine-dxr3-1.1.2-3.3mdv2007.0.i586.rpm
 0e33ea09058a1cd82fd8720278243c14 2007.0/i586/xine-esd-1.1.2-3.3mdv2007.0.i586.rpm
 0e8c92ffdc4c3c8073531a72a47da8ca 2007.0/i586/xine-flac-1.1.2-3.3mdv2007.0.i586.rpm
 3d7eb8f9a5f45ddebd7ccc20cec808f0 2007.0/i586/xine-gnomevfs-1.1.2-3.3mdv2007.0.i586.rpm
 5a1390613c4505b2bfcd326ff0156b0c 2007.0/i586/xine-image-1.1.2-3.3mdv2007.0.i586.rpm
 79899e7608558bb490003b9cba2a978c 2007.0/i586/xine-plugins-1.1.2-3.3mdv2007.0.i586.rpm
 ed4c39cfe82d66caa19c023a8495c4a1 2007.0/i586/xine-sdl-1.1.2-3.3mdv2007.0.i586.rpm
 9256f65fff35cd6c25fd0b19823dcc8a 2007.0/i586/xine-smb-1.1.2-3.3mdv2007.0.i586.rpm
 0bf2ceba6a15a079bf2890265b8f1a55 2007.0/SRPMS/xine-lib-1.1.2-3.3mdv2007.0.src.rpm
 Mandriva Linux 2007.0/X86_64:
 d92a6bebe5c1e915ed6dca150f32de2e 2007.0/x86_64/lib64xine1-1.1.2-3.3mdv2007.0.x86_64.rpm
 eb0c2f9d95f04e3d9c8ea1282c41f5dc 2007.0/x86_64/lib64xine1-devel-1.1.2-3.3mdv2007.0.x86_64.rpm
 cd81757a9c25e480d10932cb4d40f6e0 2007.0/x86_64/xine-aa-1.1.2-3.3mdv2007.0.x86_64.rpm
 acbaf60373d75281d3c3c7da24d7a1de 2007.0/x86_64/xine-arts-1.1.2-3.3mdv2007.0.x86_64.rpm
 38997b2bd174345dcec41682569868c1 2007.0/x86_64/xine-dxr3-1.1.2-3.3mdv2007.0.x86_64.rpm
 2425cc89f26171fc32f889ccf0b5b96c 2007.0/x86_64/xine-esd-1.1.2-3.3mdv2007.0.x86_64.rpm
 5ddcb92e47e6f35de1db5482edf98a9c 2007.0/x86_64/xine-flac-1.1.2-3.3mdv2007.0.x86_64.rpm
 c68e811900a94bd92d65832f64bcdb8a 2007.0/x86_64/xine-gnomevfs-1.1.2-3.3mdv2007.0.x86_64.rpm
 f6aa73615c7c9a7238838641afc6af6a 2007.0/x86_64/xine-image-1.1.2-3.3mdv2007.0.x86_64.rpm
 4437aff317d159abbd1785fbe53368e7 2007.0/x86_64/xine-plugins-1.1.2-3.3mdv2007.0.x86_64.rpm
 4f062b56c298e09b0ec364c18814917f 2007.0/x86_64/xine-sdl-1.1.2-3.3mdv2007.0.x86_64.rpm
 fa2a314dbde0ccedf85043e10d94f3d3 2007.0/x86_64/xine-smb-1.1.2-3.3mdv2007.0.x86_64.rpm
 0bf2ceba6a15a079bf2890265b8f1a55 2007.0/SRPMS/xine-lib-1.1.2-3.3mdv2007.0.src.rpm
 Corporate 3.0:
 dffe302693d57f09ad55573f20400258 corporate/3.0/i586/libxine1-1-0.rc3.6.15.C30mdk.i586.rpm
 76bb6cba723566a5a0a02043d5e02fe2 corporate/3.0/i586/libxine1-devel-1-0.rc3.6.15.C30mdk.i586.rpm
 24645aa6d547c1077236248eb54645f0 corporate/3.0/i586/xine-aa-1-0.rc3.6.15.C30mdk.i586.rpm
 246938c45fe9d795c96aa349bf8cd107 corporate/3.0/i586/xine-arts-1-0.rc3.6.15.C30mdk.i586.rpm
 0af50984ecd9fd2979f3da178871ac1d corporate/3.0/i586/xine-dxr3-1-0.rc3.6.15.C30mdk.i586.rpm
 80b08a823d7793fb677bbb121a07f9cb corporate/3.0/i586/xine-esd-1-0.rc3.6.15.C30mdk.i586.rpm
 31c8ad519bfab253300f5d575ea22f5b corporate/3.0/i586/xine-flac-1-0.rc3.6.15.C30mdk.i586.rpm
 38bcaf1e4bf6f673c0e39048e7701348 corporate/3.0/i586/xine-gnomevfs-1-0.rc3.6.15.C30mdk.i586.rpm
 27627560d6c1c7e5aa2fd63bde435b37 corporate/3.0/i586/xine-plugins-1-0.rc3.6.15.C30mdk.i586.rpm
 3f124f14f5fa8b1e7e3f3917afda3705 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.15.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 0182ddc1159b46c24589b397412733e1 corporate/3.0/x86_64/lib64xine1-1-0.rc3.6.15.C30mdk.x86_64.rpm
 01cb9805548452a161da99ad385ed474 corporate/3.0/x86_64/lib64xine1-devel-1-0.rc3.6.15.C30mdk.x86_64.rpm
 b121a2b09b0da74ad2553f94319c2771 corporate/3.0/x86_64/xine-aa-1-0.rc3.6.15.C30mdk.x86_64.rpm
 91534b8494ab6ac1eec6c47261f6389b corporate/3.0/x86_64/xine-arts-1-0.rc3.6.15.C30mdk.x86_64.rpm
 81d95f1a15722144e856384e4fe4a27b corporate/3.0/x86_64/xine-esd-1-0.rc3.6.15.C30mdk.x86_64.rpm
 f35de55cb2d1b241c60479728ab84ca0 corporate/3.0/x86_64/xine-flac-1-0.rc3.6.15.C30mdk.x86_64.rpm
 b83e2f8b1cbf0802077ee0f7bc1ac6ec corporate/3.0/x86_64/xine-gnomevfs-1-0.rc3.6.15.C30mdk.x86_64.rpm
 aa6982efb1978493f4d278e5d7ee8787 corporate/3.0/x86_64/xine-plugins-1-0.rc3.6.15.C30mdk.x86_64.rpm
 3f124f14f5fa8b1e7e3f3917afda3705 corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.15.C30mdk.src.rpm

Slackware: new xine-lib packages.
New packages are available:
Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xine-lib-1.1.6-i686-1_slack10.0.tgz
Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xine-lib-1.1.6-i686-1_slack10.1.tgz
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xine-lib-1.1.6-i686-1_slack10.2.tgz
Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/xine-lib-1.1.6-i686-1_slack11.0.tgz

SUSE: new ktorrent, cron, lighttpd, horde, mplayer, avahi, man packages.
New packages are available via YaST and FTP.

SUSE: new xine-lib, tomcat, unrar, squid, file packages.
New packages are available via YaST or FTP.

Turbolinux: new xine-lib packages.
New packages are available:
 Turbolinux FUJI : xine-lib-1.0.3a-7
 Turbolinux 10 Desktop : xine-lib-1rc3c-16

Computer vulnerabilities tracking service

Vigil@nce provides computer vulnerability bulletins. The technology watch team tracks security threats targeting computer systems.