On the website of the open source media player MPlayer, a new version of this program can be found: number 1.0 pre4. The software, which is included as the default media player in many Linux distributions, can be a big list look forward to improvements.
Topping the list are four patched security vulnerabilities, the most notable of which is a flaw in the Real-Time Streaming Protocol (RTSP). Malicious administrators were able to execute commands on the user’s system using RTSP, which is used when streaming video and audio from a RealMedia server. Fortunately, the developers were quick; to our knowledge, no exploit has been developed to exploit the vulnerability.
Security:
- HTTP parser remote heap overflow vulnerability fixed (from 1.0pre3try2)
- Real RTSP remote buffer overflow vulnerability fixed
- buffer overflow in the Matroska demuxer
- potentially exploitable buffer overflow in CDDB TOC code
[break]The new release of the software still needs to be compiled yourself, the source is here to find.
Version number | 1.0 pre4 |
Operating systems | Linux x86 |
Website | MPlayer HQ |
Download | |
file size |
4.69MB |
License type | GPL |