Mandriva Linux Security Advisory – The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/54970/MDKSA-2007-055.txt
Source: https://packetstormsecurity.com/files/54970/Mandriva-Linux-Security-Advisory-2007.055.html