Filtered by vendor Mplayer
Subscribe
Total
33 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2017-07-11 | 10.0 HIGH | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | |||||
| CVE-2004-1309 | 1 Mplayer | 1 Unix Mplayer | 2017-07-11 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. | |||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2017-07-11 | 10.0 HIGH | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | |||||
| CVE-2004-1187 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2017-07-11 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. | |||||
| CVE-2004-1188 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2017-07-11 | 10.0 HIGH | N/A |
| The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187. | |||||
| CVE-2005-2718 | 1 Mplayer | 1 Mplayer | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk. | |||||
| CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2016-10-18 | 7.5 HIGH | N/A |
| Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. | |||||
| CVE-2011-0723 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2011-10-26 | 6.8 MEDIUM | N/A |
| FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file. | |||||
| CVE-2006-6172 | 2 Mplayer, Xine | 2 Mplayer, Real Media Input Plugin | 2011-03-08 | 7.5 HIGH | N/A |
| Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. | |||||
| CVE-2008-4610 | 1 Mplayer | 1 Mplayer | 2009-03-20 | 5.0 MEDIUM | N/A |
| MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. | |||||
| CVE-2007-6718 | 1 Mplayer | 1 Mplayer | 2008-10-20 | 4.3 MEDIUM | N/A |
| MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as demonstrated by lol-mplayer.aac. NOTE: vector 5 might overlap CVE-2007-4938, and vector 6 might overlap CVE-2008-0486. | |||||
| CVE-2008-0630 | 1 Mplayer | 1 Mplayer | 2008-09-05 | 6.8 MEDIUM | N/A |
| Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code. | |||||
| CVE-2008-0629 | 1 Mplayer | 1 Mplayer | 2008-09-05 | 4.3 MEDIUM | N/A |
| Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title. | |||||