oss-sec mailing list archives
CVE request: Mplayer/Mencoder integer overflow parsing gif files
From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Fri, 29 Apr 2016 09:38:28 +0200
Hi, A crash caused by an integer overflow parsing a gif was found in the last revision of mplayer. It seems to affect older versions too. It was recently fixed (r37857). Technical details and a reproducer are available here: https://trac.mplayerhq.hu/ticket/2295 <https://github.com/stedolan/jq/issues/1136> I verified that this issue affects mencoder, so you should check if you are using it for conversion of gif files. This crash was found by QuickFuzz. Regards, Gustavo.
Current thread:
- CVE request: Mplayer/Mencoder integer overflow parsing gif files Gustavo Grieco (Apr 29)
- Re: CVE request: Mplayer/Mencoder integer overflow parsing gif files Gustavo Grieco (Apr 29)
- Re: CVE request: Mplayer/Mencoder integer overflow parsing gif files cve-assign (Apr 29)