Test ID:	1.3.6.1.4.1.25623.1.0.58439
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2007:143 (mplayer)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to mplayer announced via advisory MDKSA-2007:143. Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. Updated packages have been patched to prevent this issue. Affected: 2007.0, 2007.1, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2007:143 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2948 BugTraq ID: 24339 http://www.securityfocus.com/bid/24339 Debian Security Information: DSA-1313 (Google Search) http://www.debian.org/security/2007/dsa-1313 http://security.gentoo.org/glsa/glsa-200707-07.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:143 http://secunia.com/secunia_research/2007-55/ http://lists.mplayerhq.hu/pipermail/mplayer-announce/2007-June/000066.html http://osvdb.org/36991 http://secunia.com/advisories/24302 http://secunia.com/advisories/25713 http://secunia.com/advisories/25940 http://secunia.com/advisories/26083 http://secunia.com/advisories/26207 SuSE Security Announcement: SUSE-SR:2007:014 (Google Search) http://www.novell.com/linux/security/advisories/2007_14_sr.html http://www.vupen.com/english/advisories/2007/2080 XForce ISS Database: mplayer-cddb-bo(34749) https://exchange.xforce.ibmcloud.com/vulnerabilities/34749
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.