Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 16 Dec 2008 19:59:56 -0500 (EST)
From: "Steven M. Christey" <>
cc: Steven Christey <>
Subject: Re: CVE request: mplayer

Sorry for being so long to answer everything, I was on travel and the CVE
team is re-analyzing our process so that we can be more responsive and
stable in the longer term.

- Steve

Name: CVE-2008-5616
Status: Candidate
Reference: MISC:
Reference: CONFIRM:
Reference: CONFIRM:
Reference: BID:32822
Reference: URL:
Reference: SECUNIA:33136
Reference: URL:

Stack-based buffer overflow in the demux_open_vqf function in
libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote
attackers to execute arbitrary code via a malformed TwinVQ file.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.