oss-sec mailing list archives
Re: CVE Request: mplayer RDT parsing integer underlow
From: Moritz Muehlenhoff <jmm () debian org>
Date: Thu, 20 Oct 2011 18:23:40 +0200
On Thu, Oct 20, 2011 at 12:22:37PM -0400, Josh Bressers wrote:
Please use CVE-2009-5027
This has already received a CVE ID, although for some reason it was never set public on the MITRE website: http://www.debian.org/security/2010/dsa-2043 http://www.debian.org/security/2010/dsa-2044 -> CVE-2010-2062 Cheers, Moritz
Thanks. -- JB ----- Original Message -----Hi, Please assign a CVE for this issue from 2009. From [1]: "Function real_get_rdt_chunk() calls rtsp_read_data() to read RDT (Real Data Transport) chunks headers from the network and after that it will parse them. A controled variable is used to allocate a buffer and later passed on to the rtsp_read_data() function in order to specify the length of an RDT chunk data to read from the network. An integer underflow can be triggered when parsing a malformed RDT header chunk, a remote attacker can exploit it to execute arbitrary code in the context of the application." [1] http://seclists.org/fulldisclosure/2009/Jul/418 [2] https://secunia.com/advisories/36041/3/ thank you tim -- Tim Sammut ~ Gentoo Security Team underling () gentoo org ~ C2375493
Current thread:
- CVE Request: mplayer RDT parsing integer underlow Tim Sammut (Oct 18)
- Re: CVE Request: mplayer RDT parsing integer underlow Josh Bressers (Oct 20)
- Re: CVE Request: mplayer RDT parsing integer underlow Moritz Muehlenhoff (Oct 20)
- Re: CVE Request: mplayer RDT parsing integer underlow Josh Bressers (Oct 20)