Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2007-1387
HistoryMar 13, 2007 - 7:19 p.m.

CVE-2007-1387

2007-03-1319:19:00
[email protected]
web.nvd.nist.gov
43
cve
2007
1387
directshow
buffer overflow
mplayer
xine-lib
remote code execution

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:M/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.297 Low

EPSS

Percentile

97.0%

JSON

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.

Affected configurations

NVD
Node
mplayermplayerRange1.0_rc1
CPENameOperatorVersion
mplayer:mplayermplayerle1.0_rc1

Related

ubuntucve 2
debiancve 2
openvas 22
gentoo 2
prion 2
nvd 2
securityvulns 1
cvelist 2
cve 1
nessus 13
ubuntu 2
osv 1
debian 1
slackware 1
freebsd 1
ubuntucve
ubuntucve
CVE-2007-1387
2007-03-13 00:00:00
CVE-2007-1246
2007-03-03 00:00:00
debiancve
debiancve
CVE-2007-1387
2007-03-13 19:19:00
CVE-2007-1246
2007-03-03 19:19:00
openvas
openvas
Gentoo Security Advisory GLSA 200705-21 (mplayer)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200705-21 (mplayer)
2008-09-24 00:00:00
Mandriva Update for xine-lib MDKSA-2007:062 (xine-lib)
2009-04-09 00:00:00
gentoo
gentoo
MPlayer: Two buffer overflows
2007-05-30 00:00:00
xine-lib: Heap-based buffer overflow
2007-04-14 00:00:00
prion
prion
Buffer overflow
2007-03-13 19:19:00
Buffer overflow
2007-03-03 19:19:00
nvd
nvd
CVE-2007-1387
2007-03-13 19:19:00
CVE-2007-1246
2007-03-03 19:19:00
securityvulns
securityvulns
MPlayer DMO player buffer overflow
2007-03-01 00:00:00
cvelist
cvelist
CVE-2007-1246
2007-03-03 19:00:00
CVE-2007-1387
2007-03-13 19:00:00
cve
cve
CVE-2007-1246
2007-03-03 19:19:00
nessus
nessus
GLSA-200705-21 : MPlayer: Two buffer overflows
2007-06-01 00:00:00
Mandrake Linux Security Advisory : mplayer (MDKSA-2007:055)
2007-03-12 00:00:00
Mandrake Linux Security Advisory : xine-lib (MDKSA-2007:062)
2007-03-16 00:00:00
ubuntu
ubuntu
Xine vulnerability
2007-03-12 00:00:00
Xine vulnerability
2007-03-09 00:00:00
osv
osv
xine-lib - several vulnerabilities
2008-03-31 00:00:00
debian
debian
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities
2008-03-31 20:51:58
slackware
slackware
[slackware-security] xine-lib
2007-04-20 02:55:26
freebsd
freebsd
mplayer -- DMO File Parsing Buffer Overflow Vulnerability
2007-02-11 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:M/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.297 Low

EPSS

Percentile

97.0%

JSON
Related for CVE-2007-1387
ubuntucve2debiancve2openvas22gentoo2prion2nvd2securityvulns1cvelist2cve1nessus13ubuntu2osv1debian1slackware1freebsd1