Vulnerabilities > CVE-2022-38860 - Divide By Zero vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

mplayerhq

debian

CWE-369

NVD

Published: 2022-09-15

Updated: 2023-01-17

Summary

Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

Vulnerable Configurations

Part	Description	Count
Application	Mplayerhq Mplayerhq Mencoder Svn-R38374-13.0.1 Mplayerhq Mplayer Svn-R38374-13.0.1	2
OS	Debian Debian Debian Linux 10.0	1

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

References

https://trac.mplayerhq.hu/ticket/2402
https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html