Bug#870233: smplayer: executes javascript code downloaded from insecure URL

Jonas Smedegaard dr at jones.dk
Mon Jul 31 05:45:03 UTC 2017


Source: smplayer
Version: 17.7.0~ds0-1
Severity: grave
Tags: security
Justification: user security hole

smplayer includes code in src/basegui.cpp to download and (I guess)
execute javascript code for parsing youtube paths.  The download URL is
http://updates.smplayer.info/yt.js which is insecure and therefore I
suspect easy to replace with evil code.


 - Jonas

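
A check a package reviewer could run for the class of problem reported above, added here as an example (it is not part of the bug report and is not smplayer code): it flags hard-coded plain-http URLs that point at script files. It goes beyond the reported .js case to a few other script extensions; the extension list, the function name and the sample source are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Extensions whose content is interpreted once fetched (assumed list).
CODE_EXTENSIONS = (".js", ".py", ".sh", ".lua", ".pl")

# URL literal up to the first quote, bracket or whitespace.
URL_RE = re.compile(r"""https?://[^\s"'<>)]+""", re.IGNORECASE)


def find_insecure_code_urls(source_text, filename="<input>"):
    """Return (filename, line_no, url) for each plain-http URL to a script."""
    findings = []
    for line_no, line in enumerate(source_text.splitlines(), start=1):
        for match in URL_RE.finditer(line):
            url = match.group(0).rstrip(".,;")
            parts = urlsplit(url)
            if parts.scheme.lower() != "http":
                continue  # https URLs are not flagged by this check
            if parts.path.lower().endswith(CODE_EXTENSIONS):
                findings.append((filename, line_no, url))
    return findings


# Constructed sample, NOT the real contents of src/basegui.cpp.
# Only the yt.js URL is taken from the report; the others are placeholders.
SAMPLE_SOURCE = '''\
void checkForUpdates() {
    QUrl about("http://www.example.invalid/about.html");  // page, not code
    QUrl parser("http://updates.smplayer.info/yt.js");    // code over HTTP
    QUrl fixed("https://updates.example.invalid/yt.js");  // hypothetical HTTPS
}
'''

if __name__ == "__main__":
    for fname, line_no, url in find_insecure_code_urls(SAMPLE_SOURCE, "sample.cpp"):
        print(f"{fname}:{line_no}: script fetched over plain HTTP: {url}")
```

A hit only shows that the URL is present in the source; whether the fetched file is actually executed still has to be confirmed by reading the code around it.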



More information about the pkg-multimedia-maintainers mailing list