[MPlayer-dev-eng] buffer overflow of the month
Attila Kinali
attila at kinali.ch
Thu Aug 25 18:04:33 CEST 2005
Hi,
Sascha just posted the "advisory" of a german one man security company
on IRC: http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt
Has anyone here been contacted by this guy ?
Noone i asked on IRC knew anything about it prior to the
public discolsure.
I also doubt very much that this overflow is exploitable
at all (but i cannot for sure say that as i don't have the
file to test).
Can someone confirm whether this is a normal sig11 or something
more serious ? If it's just a sig11 i would like to post
a news entry on the webpage as soon as possible to
1) Tell people that it is not exploitable
2) Tell people that we haven't been contacted
Attila Kinali
--
心をこめて聞け心をこめて話せ
More information about the MPlayer-dev-eng
mailing list