|MPlayer和VLC Player real数据传送远程整数下溢漏洞

MPlayer和VLC Player real数据传送远程整数下溢漏洞

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

Bugraq ID: 35821 CNCAN ID：CNCAN-2009072802 MPlayer和VLC Player是流行的媒体播放器。 MPlayer和VLC Player不正确处理用户提供的输入，远程攻击者可以利用漏洞进行整数下溢攻击，可能以应用程序权限执行任意指令。 Mplayer 源文件: stream/realrtsp/real.c function: int real_get_rdt_chunk(rtsp_t *rtsp_session, char **buffer, int rdt_rawdata) VLC 源文件: modules/access/rtsp/real.c function: int real_get_rdt_chunk_header(rtsp_client_t *rtsp_session, rmff_pheader_t *ph) 源代码来自xine库[3]: 源文件: src/input/libreal/real.c function: int real_get_rdt_chunk(rtsp_t *rtsp_session, unsigned char **buffer) 函数real_get_rdt_chunk()调用rtsp_read_data()来读取来自网络的RDT (Real Data Transport)块头部字段数据，之后对其进行解析。控制的变量可用于分配缓冲区，并在之后传递给rtsp_read_data()函数用于指定读取于网络的RDT块数据长度。当解析畸形的RDT头部字段块时存在整数下溢，远程攻击者利用漏洞以应用程序上下文执行任意指令。 VideoLAN VLC media player 1.0 VideoLAN VLC media player 0.9.9 VideoLAN VLC media player 0.9.7 VideoLAN VLC media player 0.9.6 VideoLAN VLC media player 0.9.5 VideoLAN VLC media player 0.9.4 VideoLAN VLC media player 0.9.3 VideoLAN VLC media player 0.9.2 VideoLAN VLC media player 0.9.1 VideoLAN VLC media player 0.9 VideoLAN VLC media player 0.8.6 i VideoLAN VLC media player 0.8.6 h VideoLAN VLC media player 0.8.6 g VideoLAN VLC media player 0.8.6 d VideoLAN VLC media player 0.8.6 + Debian Linux 4.0 sparc + Debian Linux 4.0 s/390 + Debian Linux 4.0 powerpc + Debian Linux 4.0 mipsel + Debian Linux 4.0 mips + Debian Linux 4.0 m68k + Debian Linux 4.0 ia-64 + Debian Linux 4.0 ia-32 + Debian Linux 4.0 hppa + Debian Linux 4.0 arm + Debian Linux 4.0 amd64 + Debian Linux 4.0 alpha + Debian Linux 4.0 VideoLAN VLC media player 0.9.8a VideoLAN VLC media player 0.8.6f VideoLAN VLC media player 0.8.6e VideoLAN VLC media player 0.8.6c VideoLAN VLC media player 0.8.6b VideoLAN VLC media player 0.8.6a MPlayer MPlayer 1.0.20060329 MPlayer MPlayer 1.0 pre6-r4 MPlayer MPlayer 1.0 pre6-3.3.5-20050130 MPlayer MPlayer 1.0 pre6 + Gentoo Linux MPlayer MPlayer 1.0 pre5try2 MPlayer MPlayer 1.0 pre5try1 MPlayer MPlayer 1.0 pre5 + Gentoo Linux 1.4 + Gentoo Linux MPlayer MPlayer 1.0 pre4 MPlayer MPlayer 1.0 pre3try2 MPlayer MPlayer 1.0 pre3 MPlayer MPlayer 1.0 pre2 MPlayer MPlayer 1.0 pre1 MPlayer MPlayer 0.92.1 MPlayer MPlayer 0.92 MPlayer MPlayer 0.91 + MandrakeSoft Linux Mandrake 9.2 MPlayer MPlayer 0.90 rc series MPlayer MPlayer 0.90 pre series MPlayer MPlayer 0.90 MPlayer MPlayer 0.9 0rc4 + MandrakeSoft Linux Mandrake 9.1 MPlayer MPlayer HEAD CVS MPlayer MPlayer 1.0rc2-4.2.1 + MandrakeSoft Linux Mandrake 2007.1 x86_64 + MandrakeSoft Linux Mandrake 2007.1 + MandrakeSoft Linux Mandrake 2007.0 x86_64 + MandrakeSoft Linux Mandrake 2007.0 MPlayer MPlayer 1.0rc2 + MandrakeSoft Linux Mandrake 2007.1 x86_64 + MandrakeSoft Linux Mandrake 2007.1 + MandrakeSoft Linux Mandrake 2007.0 x86_64 + MandrakeSoft Linux Mandrake 2007.0 MPlayer MPlayer 1.0pre7try2 MPlayer MPlayer 1.0 -rc1 + Debian Linux 4.0 sparc + Debian Linux 4.0 s/390 + Debian Linux 4.0 powerpc + Debian Linux 4.0 mipsel + Debian Linux 4.0 mips + Debian Linux 4.0 m68k + Debian Linux 4.0 ia-64 + Debian Linux 4.0 ia-32 + Debian Linux 4.0 hppa + Debian Linux 4.0 arm + Debian Linux 4.0 amd64 + Debian Linux 4.0 alpha + Debian Linux 4.0 + MandrakeSoft Linux Mandrake 2007.1 x86_64 + MandrakeSoft Linux Mandrake 2007.1 x86_64 + MandrakeSoft Linux Mandrake 2007.1 + MandrakeSoft Linux Mandrake 2007.1 + MandrakeSoft Linux Mandrake 2007.0 x86_64 + MandrakeSoft Linux Mandrake 2007.0 x86_64 + MandrakeSoft Linux Mandrake 2007.0 + MandrakeSoft Linux Mandrake 2007.0 MPlayer MPlayer 1.0 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + MandrakeSoft Corporate Server 3.0 + MandrakeSoft Linux Mandrake 2007.1 + MandrakeSoft Linux Mandrake 2007.0 x86_64 + MandrakeSoft Linux Mandrake 2007.0 MPlayer MPlayer 0_92 CVS 厂商解决方案 VLC Player CVS库已经提供此漏洞补丁，建议用户关注下载： http://www.videolan.org/

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™