iDEFENSE Security Advisory 12.16.2004-2 – Remote exploitation of a heap overflow vulnerability in Unix MPlayer could allow attackers to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking within the demux_open_bmp() routine defined in /libmpdemux/demux_bmp.c. If a specially crafted file specifies a large value for the biClrUsed field, an overflow is triggered in stream_read().
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/35378/12.16.04-2.txt
Source: https://packetstormsecurity.com/files/35378/iDEFENSE-Security-Advisory-2004-12-16.2.html