CVE-2008-5616

Name of the Vulnerable Software and Affected Versions MPlayer version 1.0 rc2 before r28150

Description The issue is a stack-based buffer overflow in the demux open vqf function, located in libmpdemux/demux vqf.c. This allows remote attackers to execute arbitrary code via a malformed TwinVQ file.

Recommendations For MPlayer version 1.0 rc2 before r28150, update to a version after r28150 to resolve the issue. As a temporary workaround, consider avoiding the use of the demux open vqf function until a patch is available. Restrict access to malformed TwinVQ files to minimize the risk of exploitation.