Mplayer

Mplayer

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2011-0723

  • EPSS 1.01%
  • Veröffentlicht 20.05.2011 22:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.

10

CVE-2008-5616

  • EPSS 30.64%
  • Veröffentlicht 17.12.2008 01:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.

5

CVE-2008-4610

  • EPSS 4.46%
  • Veröffentlicht 20.10.2008 17:59:26
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007...

4.3

CVE-2007-6718

  • EPSS 0.44%
  • Veröffentlicht 20.10.2008 17:59:23
  • Zuletzt bearbeitet 09.04.2025 00:30:58

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) ...

9.3

CVE-2008-3827

  • EPSS 3.57%
  • Veröffentlicht 29.09.2008 19:25:59
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the strea...

10

CVE-2008-1558

  • EPSS 21.94%
  • Veröffentlicht 31.03.2008 17:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to a...

6.8

CVE-2008-0630

  • EPSS 6.99%
  • Veröffentlicht 06.02.2008 21:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unesc...

4.3

CVE-2008-0629

  • EPSS 2.65%
  • Veröffentlicht 06.02.2008 21:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.

7.5

CVE-2008-0486

Exploit
  • EPSS 4.57%
  • Veröffentlicht 05.02.2008 12:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a ...

9.3

CVE-2008-0485

Exploit
  • EPSS 19.85%
  • Veröffentlicht 05.02.2008 12:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.