CVE-2007-1246

Name of the Vulnerable Software and Affected Versions MPlayer versions 1.0rc1 and earlier

Description The issue is related to the DMO VideoDecoder Open function in loader/dmo/DMO VideoDecoder.c, which does not set the biSize before use in a memcpy. This allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.

Recommendations For MPlayer versions 1.0rc1 and earlier, consider disabling the DMO VideoDecoder Open function until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the affected function in the meantime to prevent potential buffer overflow attacks.