Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must visit a malicious page or open a malicious video file. The specific flaw exists within the parsing of the length records of...

Symbian S60多媒体处理内存破坏漏洞

BUGTRAQ ID: 35590 Symbian S60是诺基亚智能手机所使用的操作系统。 S60操作系统的RealPlayer和彩信查看器所使用的多媒体处理代码中存在多个内存破坏漏洞，远程攻击者可以通过发送嵌入了视频文件的彩信来触发这些漏洞，导致控制程序计数器寄存器，在目标手机上执行任意代码。 以下函数库中存在这个漏洞： rarender.dll STH264HWDecHwDevice.dll clntcore.dll HxMmfCtrl.dll mdfh264payloadformat.dll MMFDevSound.dll ArmRV89Codec.dll Nokia Symbi...

amule shell characters vulnerability

Shell characters vulnerability on video file filename...

Input validation

The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service device reset via a crafted MPEG-4 video file that triggers an "input validation issue."...

Code injection

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted image description atoms in an Apple video file, related to a "sign extension issue."...

CVE-2009-0188

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie composed of a Sorenson 3 video file...

CVE-2009-0955

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted image description atoms in an Apple video file, related to a "sign extension issue."...

CVE-2009-0188

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie composed of a Sorenson 3 video file...

CVE-2009-0955

Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted image description atoms in an Apple video file, related to a "sign extension issue."...

Mandriva Linux Security Advisory : mplayer (MDVSA-2008:219)

A vulnerability that was discovered in xine-lib that allowed remote RTSP servers to execute arbitrary code via a large streamid SDP parameter also affects MPlayer CVE-2008-0073. Several integer overflows were discovered by Felipe Andres Manzano in MPlayer's Real video stream demuxing code. These...

Heap overflow

Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a...

CVE-2009-0909

Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a...

CVE-2009-0909

VMware CVE-2009-0909 is the VNnc Codec heap overflow in VMware Workstation 6.5.x before 6.5.2 (build 156735), VMware Player 2.5.x before 2.5.2 (build 156735), VMware ACE 2.5.x before 2.5.2 (build 156735), and VMware Server 2.0.x before 2.0.1 (build 156745). It allows remote code execution via a c...

Debian DSA-1644-1 : mplayer - integer overflow

Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service a crash or potentially execution of arbitrary code by supplying a maliciously...

DSA-1644-1 mplayer - integer overflows

Bulletin has no description...

mplayer -- multiple integer overflows

The remote host is missing an update to the system as announced in the referenced advisory. VID 724e6f93-8f2a-11dd-821f-001cc0377035 OpenVAS Vulnerability Test $ Description: Auto generated from VID 724e6f93-8f2a-11dd-821f-001cc0377035 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

mplayer -- multiple integer overflows

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-3827

Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...

CVE-2008-3827

Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...

CVE-2008-3827

Multiple integer underflows in the Real demuxer demuxreal.c in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service process termination and possibly execute arbitrary code via a crafted video file that causes the streamread function to read or write arbitrary memory...