Mandriva Linux Security Advisory – The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/55072/MDKSA-2007-061.txt
Source: https://packetstormsecurity.com/files/55072/Mandriva-Linux-Security-Advisory-2007.061.html