Vulnerabilities > CVE-2003-0835 - Unspecified vulnerability in Mplayer

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
mplayer
nessus
exploit available

Summary

Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.

Exploit-Db

descriptionMPlayer 0.9/1.0 Streaming ASX Header Parsing Buffer Overrun Vulnerability. CVE-2003-0835. Remote exploit for linux platform
idEDB-ID:23186
last seen2016-02-02
modified2003-09-25
published2003-09-25
reporterOtero Hernan
sourcehttps://www.exploit-db.com/download/23186/
titleMPlayer 0.9/1.0 Streaming ASX Header Parsing Buffer Overrun Vulnerability

Nessus

NASL familyMandriva Local Security Checks
NASL idMANDRAKE_MDKSA-2003-097.NASL
descriptionA buffer overflow vulnerability was found in MPlayer that is remotely exploitable. A malicious host can craft a harmful ASX header and trick MPlayer into executing arbitrary code when it parses that particular header. The provided packages have been patched to fix the problem.
last seen2020-06-01
modified2020-06-02
plugin id14079
published2004-07-31
reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/14079
titleMandrake Linux Security Advisory : mplayer (MDKSA-2003:097)