CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Date published : 2008-02-05
http://www.securityfocus.com/bid/27441
http://www.securityfocus.com/archive/1/487501/100/0/threaded