Integer overflow in the demuxer function in libmpdemux/demux_gif.c in Mplayer allows remote attackers to cause a denial of service (crash) via large dimensions in a gif file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mencoder" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mencoder-dbgsym" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer-dbg" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer-dbgsym" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer-doc" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer-gui" }, { "binary_version": "2:1.1+dfsg1-0ubuntu3.1", "binary_name": "mplayer-gui-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mencoder" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mencoder-dbgsym" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer-dbg" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer-dbgsym" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer-doc" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer-gui" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer-gui-dbgsym" }, { "binary_version": "2:1.2.1-1ubuntu1.1", "binary_name": "mplayer2" } ] }