Oval Definition:oval:org.opensuse.security:def:20071387
Revision Date:2021-08-15Version:1
Title:CVE-2007-1387
Description:

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2007-1387
Mitre CVE-2007-1387
SUSE CVE-2007-1387
Platform(s):SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libxine-devel-1.1.15-23.3 is installed
  • OR libxine1-1.1.15-23.3 is installed
  • OR libxine1-32bit-1.1.15-23.3 is installed
  • OR libxine1-gnome-vfs-1.1.15-23.3 is installed
  • OR libxine1-pulse-1.1.15-23.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • libxine-devel-1.1.15-23.3.9 is installed
  • OR libxine1-1.1.15-23.3.9 is installed
  • OR libxine1-32bit-1.1.15-23.3.9 is installed
  • OR libxine1-gnome-vfs-1.1.15-23.3.9 is installed
  • OR libxine1-pulse-1.1.15-23.3.9 is installed
    • BACK