CVE-2008-1558

Name of the Vulnerable Software and Affected Versions MPlayer version 1.0 rc2

Description The issue is related to an uncontrolled array index in the sdpplin parse function, located in stream/realrtsp/sdpplin.c, which allows remote attackers to overwrite memory and execute arbitrary code. This is achieved by providing a large streamid SDP parameter.

Recommendations For MPlayer version 1.0 rc2, consider restricting access to the sdpplin parse function until a patch is available. Avoid using large values for the streamid SDP parameter in the affected API endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.