5.5

CVE-2022-38858

Exploit
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MplayerhqMencoder Versionsvn-r38374-13.0.1
MplayerhqMplayer Versionsvn-r38374-13.0.1
DebianDebian Linux Version10.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.34% 0.263
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html
Third Party Advisory
Mailing List
https://trac.mplayerhq.hu/ticket/2396
Third Party Advisory
Exploit
Issue Tracking