Blog-N-Play.com
Anytime a feature of a framework gives me something for free that I don't need to manually implement I'm a happy camper. One such feature of ASP.NET MVC 2 is jQuery client-side validation. The
Oct. 26, 2009 09:58 AM EDT
Did you read today's front page stories & breaking news?
Read Digital Edition


ADS BY GOOGLE
Most Read This Week
By Kevin Hoffman
Reads: 14,803
By Kevin Jackson
Reads: 5,486
By Al Mannarino
Reads: 5,420
By Jeremy Geelan
Reads: 4,832
By Aditya Banerjee
Reads: 3,790
By Carmen Gonzalez
Reads: 3,502
By Ernest de Leon
Reads: 3,395
By Cloud News Desk
Reads: 3,299
By Dustin Amrhein
Reads: 3,262
By Maureen O'Gara
Reads: 2,853
Top Three Links You Must Click On


Security
Security Alert: Mplayer Users Urged to Upgrade to Latest Version
Security Alert: Mplayer Users Urged to Upgrade to Latest Version

By: Security News Desk
Aug. 4, 2004 12:00 AM

Users of the popular Mplayer media device are being urged to upgrade to the latest version, due to a bug. The vulnerability is in the GUI interface, which contains buffer overflow weak-spots. A skillfully crafted, bogus GUI interface could be used to get the user to play the system, and hence execute arbitrary code.

Vulnerable versions are those before 1.0 pre4. Gentoo Linux suggested updating to a later release. Developers were more cautious and urged users of Mplayers not to use the GUI at all since other similar bugs are likely to be discovered.

In June, one programmer wrote on a developers' e-mail list that there are many buffer overflows in Mplayer. "I would recommend not using the GUI," he wrote. "This code is so nasty and broken that I'm not going to spend my time fixing it... if you want the GUI to work, and don't want to be embarrassed by remote [vulnerabilities] in Mplayer, step up and fix it."

All Mplayers are vulnerable to this problem. A month ago the bug was reported on the Bugtrap security mailing list. A patch was release by the Mplayer project in response that Linux vendors are now using.

Published Aug. 4, 2004— Reads 14,287
Copyright © 2004 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

  Subscribe to our RSS feeds now and receive the next article instantly!
In It? Reprint It! Contact advertising(at)sys-con.com to order your reprints!
Subscribe to the World's Most Powerful Newsletters
Linux Links You Must Click On !

Lo Ultimo
La embajadora mundial de AvonReese Witherspoon ha sido anfitriona de una fiesta del té exclusiva par...
Dec. 3, 2009 06:35 PM EST

GameStop Corp. (NYSE:GME), la empresa minorista de software de videojuegos y entret...

Dec. 3, 2009 02:36 PM EST
Un estudio online publicado esta semana en Science ha demostrado que SPC3649, una revolucionaria ter...
Dec. 3, 2009 02:00 PM EST
Microsoft Corp. ha anunciado hoy una oleada de informes voluntarios - más de 150.000 en los dos últi...
Dec. 3, 2009 01:45 PM EST
Tras dos décadas de éxito demostrado a nivel científico y médico en su campo, los expertos de Lightl...
Dec. 3, 2009 10:44 AM EST
ADS BY GOOGLE
By Adam Blum
Some people say “oh, you’re dual licensing like MySQL. So does that mean that I get to use it and no...
Dec. 3, 2009 09:45 PM EST  Reads: 311
By Yeshim Deniz
Michael Bell, founder of Methodologies Corporation, the leading service-oriented modeling company, a...
Dec. 3, 2009 05:45 PM EST  Reads: 286
By Salvatore Genovese
Dune Networks' Highly Scalable Switch Fabric Technology Expands Broadcom's Product Portfolio for Dat...
Dec. 3, 2009 05:30 PM EST  Reads: 458
By Pat Romanski
M86 Security, a leading global provider of Web and messaging security products, released Predictions...
Dec. 3, 2009 05:00 PM EST  Reads: 573
By Yeshim Deniz
JetBrains, creators of intelligent, productivity-enhancing development tools, announced the public a...
Dec. 3, 2009 04:15 PM EST  Reads: 341
By Salvatore Genovese
Researchers from Intel Labs demonstrated an experimental, 48-core Intel processor, or “single-chip c...
Dec. 3, 2009 04:15 PM EST  Reads: 360
By Dana Gardner
The irony is that Oracle has advanced MySQL, lost money in the process, and helped its competitors -...
Dec. 3, 2009 04:00 PM EST  Reads: 1,275
By Maureen O'Gara
The founders of Crystal Reports and veterans of Microsoft, Symmetrics and Business Objects have laun...
Dec. 3, 2009 04:00 PM EST  Reads: 374
By John Savageau
I first met Mark Fishburn at the Convergence Technology Council (CTC) in Calabasas, California. Mark...
Dec. 3, 2009 03:45 PM EST  Reads: 278
By Pat Romanski
Concerns about the security of cloud computing environments top the list of reasons for firms not be...
Dec. 3, 2009 03:15 PM EST  Reads: 672
By Liz McMillan
WSO2, the open source SOA company, today announced the launch of the WSO2 Cloud Platform. Available ...
Dec. 3, 2009 03:00 PM EST  Reads: 1,187
By Red Hat News Desk
Red Hat Enterprise Linux running on Intel® processor-based servers helps your customers reduce TCO, ...
Dec. 3, 2009 02:30 PM EST  Reads: 421
By Red Hat News Desk
Now is the time to examine the TCO migrating from Unix to the more cost-effective open systems platf...
Dec. 3, 2009 02:15 PM EST  Reads: 338
By ITSG News Desk
Making the right choices around technology is critical to the success of your business. Finding out ...
Dec. 3, 2009 02:15 PM EST  Reads: 240
By Maureen O'Gara
Dell is transferring ownership of its new factory in Poland over to contract manufacturer Foxconn Te...
Dec. 3, 2009 02:00 PM EST  Reads: 419
By John Funnell
Michael Donnelly, Group Director Worldwide Interactive Marketing, Coca-Cola and Michael Buck Global ...
Dec. 3, 2009 01:45 PM EST  Reads: 289
By RealWire News Distribution
To address this need, increasing numbers of healthcare organizations are evaluating enterprise imagi...
Dec. 3, 2009 11:45 AM EST  Reads: 293
By Ernest de Leon
Some great news came out of Sun Microsystems yesterday with the release of VirtualBox 3.1.o. This is...
Dec. 3, 2009 11:15 AM EST  Reads: 763
By RealWire News Distribution
Thales announces SafeSign Mobile Authentication which enables strong authentication using a mobile d...
Dec. 3, 2009 11:00 AM EST  Reads: 332
By RealWire News Distribution
IGEL's Linux firmware now supports popular touchscreen monitors, including the LG L1730SF Monitor an...
Dec. 3, 2009 11:00 AM EST  Reads: 373
MORE »