[MPlayer-DOCS] [homepage]: r3131 - trunk/src/news.src.en
diego
subversion at mplayerhq.hu
Sat Feb 2 16:30:20 CET 2008
Author: diego
Date: Sat Feb 2 16:30:19 2008
New Revision: 3131
Log:
spelling/wording/grammar
Modified:
trunk/src/news.src.en
Modified: trunk/src/news.src.en
==============================================================================
--- trunk/src/news.src.en (original)
+++ trunk/src/news.src.en Sat Feb 2 16:30:19 2008
@@ -17,14 +17,14 @@
<p>
A buffer overflow was found and reported by Adam Bozanich of Musecurity in the
-code used to extract album titles from cbbd server answers.
+code used to extract album titles from CDDB server answers.
</p>
<p>
-When parsing answers from the cddb server, the album title is copied into a
-fixed-size buffer with insufficient checks on its size, and may cause a buffer
+When parsing answers from the CDDB server, the album title is copied into a
+fixed-size buffer with insufficient size checks, which may cause a buffer
overflow. A malicious database entry could trigger a buffer overflow in the
-program, that can lead to arbitrary code execution with the UID of the user
+program. That can lead to arbitrary code execution with the UID of the user
running MPlayer.
</p>
@@ -32,8 +32,8 @@
<p>
High (arbitrary code execution under the user ID running the player) when
-getting disk information from a malicious cddb entry, null if you do not use
-this feature. Please note that it is possible to overwrite entries in the cddb
+getting disk information from a malicious CDDB entry, null if you do not use
+this feature. Please note that it is possible to overwrite entries in the CDDB
database, so an attack can also be performed via a non-compromised server. At
the time the buffer overflow was fixed there was no known exploit in the wild.
</p>
@@ -46,14 +46,14 @@
for this problem was committed to SVN on Sun Jan 20 20:58:02 2008 UTC as r25824.
Users of affected MPlayer versions should download a
<a href="http://www.mplayerhq.hu/MPlayer/patches/stream_cddb_fix_20080120.diff">patch</a>
-for MPlayer 1.0rc2 or update to the latest version if they're using SVN.
+for MPlayer 1.0rc2 or update to the latest version if they are using SVN.
</p>
<h3>Affected versions</h3>
<p>
MPlayer 1.0rc2 and SVN before r25824 (Sun Jan 20 20:58:02 2008 UTC).
-Older versions are probably affected, too, but they were not checked.
+Older versions are probably affected, but they were not checked.
</p>
@@ -79,23 +79,23 @@
<p>
A buffer overflow was found and reported by Adam Bozanich of Musecurity in the
-code used to escape url strings.
+code used to escape URL strings.
</p>
<p>
-The code used to skip over IPv6 addresses can be tricked to leave a pointer to
-a temporary buffer with a non-NULL value; this causes the unescape code to reuse
-the buffer, and may lead to a buffer overflow if the old buffer is smaller than
-required. A malicious url string may be used to trigger a buffer overflow in the
-program, that can lead to arbitrary code execution with the UID of the user
-running MPlayer.
+The code used to skip over IPv6 addresses can be tricked into leaving a pointer
+to a temporary buffer with a non-NULL value; this causes the unescape code to
+reuse the buffer, and may lead to a buffer overflow if the old buffer is
+smaller than required. A malicious URL string may be used to trigger a buffer
+overflow in the program, that can lead to arbitrary code execution with the
+UID of the user running MPlayer.
</p>
<h3>Severity</h3>
<p>
High (arbitrary code execution under the user ID running the player) if you can
-play untrusted urls (eg. delivered by a remote playlist), null if you do not
+play untrusted URLs (e.g. delivered by a remote playlist), null if you do not
use this feature. At the time the buffer overflow was fixed there was no known
exploit in the wild.
</p>
@@ -108,14 +108,14 @@
for this problem was committed to SVN on Sun Jan 20 20:43:46 2008 UTC as r25823.
Users of affected MPlayer versions should download a
<a href="http://www.mplayerhq.hu/MPlayer/patches/url_fix_20080120.diff">patch</a>
-for MPlayer 1.0rc2 or update to the latest version if they're using SVN.
+for MPlayer 1.0rc2 or update to the latest version if they are using SVN.
</p>
<h3>Affected versions</h3>
<p>
MPlayer 1.0rc2 and SVN before r25823 (Sun Jan 20 20:43:46 2008 UTC).
-Older versions are probably affected, too, but they were not checked.
+Older versions are probably affected, but they were not checked.
</p>
@@ -141,15 +141,15 @@
<p>
A buffer overflow was found and reported by Felipe Manzano and Anibal Sacco of
-CORE Security Technologies in the code used to parse the mov file headers.
+CORE Security Technologies in the code used to parse MOV file headers.
Other similar issues were found by Reimar Döffinger while fixing the code.
-The vulnerability is identified with CORE-2008-0122.
+The vulnerability is identified as CORE-2008-0122.
</p>
<p>
-The code read some values from the file and uses them as indexes into an array
-allocated on the heap, without performing any boundary check. A malicious file
-may be used to trigger a buffer overflow in the program, that can lead to
+The code read some values from the file and used them as indexes into an array
+allocated on the heap without performing any boundary check. A malicious file
+may be used to trigger a buffer overflow in the program. That can lead to
arbitrary code execution with the UID of the user running MPlayer.
</p>
@@ -157,7 +157,7 @@
<p>
High (arbitrary code execution under the user ID running the player) when
-playing a malicious mov file, null if you do not use this feature. At the time
+playing a malicious MOV file, null if you do not use this feature. At the time
the buffer overflow was fixed there was no known exploit in the wild.
</p>
@@ -171,14 +171,14 @@
r25922.
Users of affected MPlayer versions should download a
<a href="http://www.mplayerhq.hu/MPlayer/patches/demux_mov_fix_20080129.diff">patch</a>
-for MPlayer 1.0rc2 or update to the latest version if they're using SVN.
+for MPlayer 1.0rc2 or update to the latest version if they are using SVN.
</p>
<h3>Affected versions</h3>
<p>
MPlayer 1.0rc2 and SVN before r25922 (Tue Jan 29 22:14:00 2008 UTC).
-Older versions are probably affected, too, but they were not checked.
+Older versions are probably affected, but they were not checked.
</p>
@@ -205,7 +205,7 @@
<p>
A stack overflow was found and reported by Damian Frizza and Alfredo Ortega of
CORE Security Technologies in the code used to parse FLAC comments. The
-vulnerability is identified with CORE-2008-1218.
+vulnerability is identified as CORE-2008-1218.
</p>
<p>
@@ -232,14 +232,14 @@
for this problem was committed to SVN on Tue Jan 29 22:00:58 2008 UTC as r25917.
Users of affected MPlayer versions should download a
<a href="http://www.mplayerhq.hu/MPlayer/patches/demux_audio_fix_20080129.diff">patch</a>
-for MPlayer 1.0rc2 or update to the latest version if they're using SVN.
+for MPlayer 1.0rc2 or update to the latest version if they are using SVN.
</p>
<h3>Affected versions</h3>
<p>
MPlayer 1.0rc2 and SVN before r25917 (Tue Jan 29 22:00:58 2008 UTC).
-Older versions are probably affected, too, but they were not checked.
+Older versions are probably affected, but they were not checked.
</p>
@@ -571,7 +571,7 @@
<p>
A stack overflow was found and reported by Stefan Cornelius of Secunia
-Research in the code used to handle cddb queries. Two other similar issues
+Research in the code used to handle CDDB queries. Two other similar issues
were found by Reimar Döffinger while fixing the issue. The vulnerability is
identified with CVE-2007-2948 and
<a href="http://secunia.com/advisories/24302/">SAID 24302</a>.
@@ -588,9 +588,9 @@
<p>
High (arbitrary remote code execution under the user ID running the player)
-when getting disk information from a malicious cddb entry, null if you do not
+when getting disk information from a malicious CDDB entry, null if you do not
use this feature. Please note that it is possible to overwrite entries in the
-cddb database, so an attack can also be performed via a non-compromised server.
+CDDB database, so an attack can also be performed via a non-compromised server.
At the time the buffer overflow was fixed there was no known exploit in the
wild.
</p>
More information about the MPlayer-DOCS
mailing list