CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.9%
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
Vendor | Product | Version | CPE |
---|---|---|---|
mplayer | mplayer | 0.90 | cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:* |
mplayer | mplayer | 0.90_pre | cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:* |
mplayer | mplayer | 0.90_rc | cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:* |
mplayer | mplayer | 0.91 | cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:* |
mplayer | mplayer | 1.0_pre1 | cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:* |
mplayer | mplayer | 1.0_pre2 | cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:* |
mplayer | mplayer | 1.0_pre3 | cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:* |
gentoo | linux | 0.5 | cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:* |
gentoo | linux | 0.7 | cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:* |
gentoo | linux | 1.1a | cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:* |
marc.info/?l=bugtraq&m=108067020624076&w=2
secunia.com/advisories/11259
security.gentoo.org/glsa/glsa-200403-13.xml
www.kb.cert.org/vuls/id/723910
www.mandriva.com/security/advisories?name=MDKSA-2004:026
www.mplayerhq.hu/homepage/design6/news.html
www.securityfocus.com/archive/1/359025
www.securityfocus.com/bid/10008
exchange.xforce.ibmcloud.com/vulnerabilities/15675