PT-2014-2153 · Mplayer · Mplayer
Published
2014-06-11
·
Updated
2014-06-12
·
CVE-2011-3625
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SMPlayer version 0.6.9
Description
The issue is related to a stack-based buffer overflow in the sub read line sami function, which can be triggered by a long string in a SAMI subtitle file. This can cause a denial of service, resulting in a crash, and potentially allow the execution of arbitrary code.
Recommendations
For SMPlayer version 0.6.9, update to a version that includes a fix for the sub read line sami function in subreader.c to prevent the stack-based buffer overflow.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mplayer