7.6
CVE-2007-4938
- EPSS 6.38%
- Published 18.09.2007 19:17:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
Data is provided by the National Vulnerability Database (NVD)
Mplayer ≫ Mplayer Version1.0_rc1
Apple ≫ macOS X
Hp ≫ Hp-ux
Hp ≫ Tru64
Ibm ≫ Aix
Ibm ≫ Os2
Linux ≫ Linux Kernel
Mandrakesoft ≫ Mandrake Linux Version2007
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Version2007.1
Mandrakesoft ≫ Mandrake Linux Version2007.1 Editionx86_64
Microsoft ≫ Windows 2000
Microsoft ≫ Windows 2003 Server
Microsoft ≫ Windows 98
Microsoft ≫ Windows Me
Microsoft ≫ Windows Nt Version4.0
Microsoft ≫ Windows Xp
Santa Cruz Operation ≫ Sco Unix
Sun ≫ Solaris
Windriver ≫ Bsdos
Hp ≫ Hp-ux
Hp ≫ Tru64
Ibm ≫ Aix
Ibm ≫ Os2
Linux ≫ Linux Kernel
Mandrakesoft ≫ Mandrake Linux Version2007
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Version2007.1
Mandrakesoft ≫ Mandrake Linux Version2007.1 Editionx86_64
Microsoft ≫ Windows 2000
Microsoft ≫ Windows 2003 Server
Microsoft ≫ Windows 98
Microsoft ≫ Windows Me
Microsoft ≫ Windows Nt Version4.0
Microsoft ≫ Windows Xp
Santa Cruz Operation ≫ Sco Unix
Sun ≫ Solaris
Windriver ≫ Bsdos
Sgi ≫ Irix
Apple ≫ macOS X
Hp ≫ Hp-ux
Hp ≫ Tru64
Ibm ≫ Aix
Ibm ≫ Os2
Linux ≫ Linux Kernel
Mandrakesoft ≫ Mandrake Linux Version2007
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Version2007.1
Mandrakesoft ≫ Mandrake Linux Version2007.1 Editionx86_64
Microsoft ≫ Windows 2000
Microsoft ≫ Windows 2003 Server
Microsoft ≫ Windows 98
Microsoft ≫ Windows Me
Microsoft ≫ Windows Nt Version4.0
Microsoft ≫ Windows Xp
Santa Cruz Operation ≫ Sco Unix
Sun ≫ Solaris
Windriver ≫ Bsdos
Hp ≫ Hp-ux
Hp ≫ Tru64
Ibm ≫ Aix
Ibm ≫ Os2
Linux ≫ Linux Kernel
Mandrakesoft ≫ Mandrake Linux Version2007
Mandrakesoft ≫ Mandrake Linux Version2007 Editionx86_64
Mandrakesoft ≫ Mandrake Linux Version2007.1
Mandrakesoft ≫ Mandrake Linux Version2007.1 Editionx86_64
Microsoft ≫ Windows 2000
Microsoft ≫ Windows 2003 Server
Microsoft ≫ Windows 98
Microsoft ≫ Windows Me
Microsoft ≫ Windows Nt Version4.0
Microsoft ≫ Windows Xp
Santa Cruz Operation ≫ Sco Unix
Sun ≫ Solaris
Windriver ≫ Bsdos
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 6.38% | 0.907 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.6 | 4.9 | 10 |
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.