PT-2014-2153 · Mplayer · Mplayer

Publicado

2014-06-11

Atualizado

2014-06-12

CVE-2011-3625

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SMPlayer version 0.6.9

Description The issue is related to a stack-based buffer overflow in the sub read line sami function, which can be triggered by a long string in a SAMI subtitle file. This can cause a denial of service, resulting in a crash, and potentially allow the execution of arbitrary code.

Recommendations For SMPlayer version 0.6.9, update to a version that includes a fix for the sub read line sami function in subreader.c to prevent the stack-based buffer overflow.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2011-3625

Produtos afetados

Mplayer

PT-2014-2153 · Mplayer · Mplayer

CVE-2011-3625

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10