CVE-2006-6172

Publication date 30 November 2006

Last updated 24 July 2024

Ubuntu priority

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
mplayer	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Fixed 2:0.99+1.0pre8-0ubuntu8.2
	6.06 LTS dapper	Fixed 2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.1
xine-lib	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Fixed 1.1.2+repacked1-0ubuntu3.4
	6.06 LTS dapper	Fixed 1.1.1+ubuntu2-7.7

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-392-1
xine-lib vulnerability
4 December 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-6172