Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <Pine.GSO.4.51.0810201236430.28212@faron.mitre.org>
Date: Mon, 20 Oct 2008 12:37:56 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: crashers / potential security risks
 in mplayer


Note, some of this stuff is hard to sift through because of such a large
number of crashers.  We're taking a relatively conservative approach here.

The 2007 CVE number is for issues that were technically released in 2007.

- Steve

======================================================
Name: CVE-2007-6718
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6718
Reference: MLIST:[oss-security] 20081007 CVE request: crashers / potential security risks in mplayer
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/07/1
Reference: MISC:http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of
service (SIGSEGV and application crash) via (1) a malformed MP3 file,
as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file,
as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as
demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as
demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as
demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as
demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as
demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as
demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as
demonstrated by lol-mplayer.aac.  NOTE: vector 5 might overlap
CVE-2007-4938, and vector 6 might overlap CVE-2008-0486.


======================================================
Name: CVE-2008-4610
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4610
Reference: MLIST:[oss-security] 20081007 CVE request: crashers / potential security risks in mplayer
Reference: URL:http://www.openwall.com/lists/oss-security/2008/10/07/1

MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated by
lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated
by lol-ffplay.ogm, different vectors than CVE-2007-6718.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.