Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1496-1
HistoryFeb 12, 2008 - 12:00 a.m.

mplayer - arbitrary code execution

2008-02-1200:00:00
Google
osv.dev
5

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Several buffer overflows have been discovered in the MPlayer movie player,
which might lead to the execution of arbitrary code. The Common
Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2008-0485
    Felipe Manzano and Anibal Sacco discovered a buffer overflow in
    the demuxer for MOV files.
  • CVE-2008-0486
    Reimar Doeffinger discovered a buffer overflow in the FLAC header
    parsing.
  • CVE-2008-0629
    Adam Bozanich discovered a buffer overflow in the CDDB access code.
  • CVE-2008-0630
    Adam Bozanich discovered a buffer overflow in URL parsing.

The old stable distribution (sarge) doesn’t contain mplayer.

For the stable distribution (etch), these problems have been fixed in
version 1.0~rc1-12etch2.

We recommend that you upgrade your mplayer packages.

Related

nessus 13
openvas 24
securityvulns 6
gentoo 2
freebsd 2
debian 2
prion 5
seebug 1
debiancve 5
cve 5
coresecurity 2
kaspersky 1
fedora 2
ubuntucve 5
osv 1
ubuntu 1
nessus
nessus
Mandriva Linux Security Advisory : xine-lib (MDVSA-2008:046-1)
2009-04-23 00:00:00
GLSA-200803-16 : MPlayer: Multiple buffer overflows
2008-03-13 00:00:00
FreeBSD : mplayer -- multiple vulnerabilities (de4d4110-ebce-11dc-ae14-0016179b2dd5)
2008-03-07 00:00:00
openvas
openvas
mplayer -- multiple vulnerabilities
2008-09-04 00:00:00
mplayer -- multiple vulnerabilities
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200803-16 (mplayer)
2008-09-24 00:00:00
securityvulns
securityvulns
[ GLSA 200803-16 ] MPlayer: Multiple buffer overflows
2008-03-11 00:00:00
MPlayer multiple security vulnerabilities
2008-03-11 00:00:00
Mplayer / Xine multiple security vulnerabilities
2008-02-16 00:00:00
gentoo
gentoo
MPlayer: Multiple buffer overflows
2008-03-10 00:00:00
xine-lib: User-assisted execution of arbitrary code
2008-02-26 00:00:00
freebsd
freebsd
mplayer -- multiple vulnerabilities
2008-02-05 00:00:00
libxine -- buffer overflow vulnerability
2007-02-08 00:00:00
debian
debian
[SECURITY] [DSA 1496-1] New mplayer packages fix arbitrary code execution
2008-02-12 23:00:25
[SECURITY] [DSA 1536-1] New libxine packages fix several vulnerabilities
2008-03-31 20:52:02
prion
prion
Code injection
2008-02-05 12:00:00
Buffer overflow
2008-02-06 21:00:00
Buffer overflow
2008-02-05 12:00:00
seebug
seebug
MPlayer demux_audio.cθΏœη¨‹ζ ˆζΊ’ε‡ΊζΌζ΄ž
2008-02-14 00:00:00
debiancve
debiancve
CVE-2008-0486
2008-02-05 12:00:00
CVE-2008-0485
2008-02-05 12:00:00
CVE-2008-0630
2008-02-06 21:00:00
cve
cve
CVE-2008-0486
2008-02-05 12:00:00
CVE-2008-0629
2008-02-06 21:00:00
CVE-2008-0630
2008-02-06 21:00:00
coresecurity
coresecurity
MPlayer 1.0rc2 Buffer Overflow Vulnerability
2008-02-04 00:00:00
Mplayer Arbitrary Pointer Derreference
2008-02-04 00:00:00
kaspersky
kaspersky
KLA10253 ACE vulnerability in MPlayer
2008-02-05 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: xine-lib-1.1.10.1-1.fc7
2008-02-13 05:12:05
[SECURITY] Fedora 8 Update: xine-lib-1.1.10.1-1.fc8
2008-02-13 05:06:27
ubuntucve
ubuntucve
CVE-2008-0630
2008-02-06 00:00:00
CVE-2008-0629
2008-02-06 00:00:00
CVE-2008-0485
2008-02-05 00:00:00
osv
osv
xine-lib - several vulnerabilities
2008-03-31 00:00:00
ubuntu
ubuntu
xine-lib vulnerabilities
2008-08-06 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for OSV:DSA-1496-1
nessus13openvas24securityvulns6gentoo2freebsd2debian2prion5seebug1debiancve5cve5coresecurity2kaspersky1fedora2ubuntucve5osv1ubuntu1