Vulnerabilities > Mplayer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-02-06 | CVE-2008-0630 | Buffer Errors vulnerability in Mplayer 1.02Rc2 Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code. | 6.8 |
| 2008-02-06 | CVE-2008-0629 | Buffer Errors vulnerability in Mplayer 1.02Rc2 Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title. | 4.3 |
| 2008-02-05 | CVE-2008-0486 | Numeric Errors vulnerability in multiple products Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. | 7.5 |
| 2008-02-05 | CVE-2008-0485 | Numeric Errors vulnerability in Mplayer Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. | 9.3 |
| 2007-09-18 | CVE-2007-4938 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. | 7.6 |
| 2007-06-07 | CVE-2007-2948 | CDDB Parsing Buffer Overflow vulnerability in Mplayer 1.0Rc1 Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. | 9.3 |
| 2007-03-03 | CVE-2007-1246 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mplayer The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387. | 7.6 |
| 2006-11-30 | CVE-2006-6172 | Remote Buffer Overflow vulnerability in Xine-Lib RuleMatches Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. | 7.5 |
| 2006-03-30 | CVE-2006-1502 | Integer Overflow vulnerability in MPlayer Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c. | 5.1 |
| 2006-02-08 | CVE-2006-0579 | Unspecified vulnerability in Mplayer Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. | 7.5 |