FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mplayer -- cddb stack overflow

Affected packages
mplayer < 0.99.10_10
mplayer-esound < 0.99.10_10
mplayer-gtk < 0.99.10_10
mplayer-gtk-esound < 0.99.10_10
mplayer-gtk2 < 0.99.10_10
mplayer-gtk2-esound < 0.99.10_10

Details

VuXML ID 3ac80dd2-14df-11dc-bcfc-0016179b2dd5
Discovery 2007-06-06
Entry 2007-06-07

Mplayer Team reports:

A stack overflow was found in the code used to handle cddb queries. When copying the album title and category, no checking was performed on the size of the strings before storing them in a fixed-size array. A malicious entry in the database could trigger a stack overflow in the program, leading to arbitrary code execution with the uid of the user running MPlayer.

References

Bugtraq ID 24302
CVE Name CVE-2007-2948