CVE-2004-1309

Name of the Vulnerable Software and Affected Versions: MPlayer version 1.0pre5

Description: The issue is related to a heap-based buffer overflow in the demux open bmp function, located in demux bmp.c, which can be triggered by a bitmap (BMP) file containing a large biClrUsed field. This allows remote attackers to execute arbitrary code.

Recommendations: For MPlayer version 1.0pre5, consider avoiding the use of the demux open bmp function until a patch is available. As a temporary workaround, restrict the processing of bitmap files to minimize the risk of exploitation.