Lucene search

[email protected]CVE-2011-3625

HistoryJun 11, 2014 - 2:55 p.m.

CVE-2011-3625

2014-06-1114:55:06

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-3625

buffer overflow

mplayer

smplayer

sami

subtitle

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.843 High

EPSS

Percentile

98.5%

JSON

Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file.

Affected configurations

NVD

Node

mplayer2mplayer2Match-

ricardo_villalbasmplayerMatch0.6.9

CPENameOperatorVersion
mplayer2:mplayer2mplayer2eq-
ricardo_villalba:smplayerricardo villalba smplayereq0.6.9

CPE	Name	Operator	Version
mplayer2:mplayer2	mplayer2	eq	-
ricardo_villalba:smplayer	ricardo villalba smplayer	eq	0.6.9

References

git.mplayer2.org/mplayer2/commit/?id=27b88a09c5319deb62221b8cd0ecc14cd1136e4a

secunia.com/advisories/55486

security.gentoo.org/glsa/glsa-201310-13.xml

www.openwall.com/lists/oss-security/2011/10/18/12

labs.mwrinfosecurity.com/system/assets/149/original/mwri_mplayer-sami-subtitles_2011-08-12.pdf

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

High

0.843 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2011-3625

debiancve1 prion1 nvd1 ubuntucve1 cvelist1 openvas1 nessus1 gentoo1