Vulnerabilities > CVE-2022-38863 - Out-of-bounds Write vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

mplayerhq

debian

CWE-787

NVD

Published: 2022-09-15

Updated: 2023-01-17

Summary

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

Vulnerable Configurations

Part	Description	Count
Application	Mplayerhq Mplayerhq Mencoder Svn-R38374-13.0.1 Mplayerhq Mplayer Svn-R38374-13.0.1	2
OS	Debian Debian Debian Linux 10.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://trac.mplayerhq.hu/ticket/2405
https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html