EUVD-2005-1198

Malware in sbrugna...

SUSE CVE-2004-1285

Buffer overflow in the getheader function in asfmmststreaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream...

MPlayer 0.9/1.0 MMST Get_Header Remote Client-Side Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11962/info A remote, client-side buffer overflow vulnerability reportedly affects MPlayer. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them...

Debian DSA-1819-1 : vlc - several vulnerabilities

Several vulnerabilities have been discovered in vlc, a multimedia player and streamer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1768 Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can le...

mplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2008-3794

Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...

CVE-2008-3794

Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...

DEBIAN-CVE-2008-3794

Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...

CVE-2008-3794

Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...

vlcmms-overflow.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VLC 0.8.6i MMS Protocol Handling Class : Heap Overflow Published : 2008-08-24 Credit : g g orange-bat com - - Details - This can be exploited from remote. User have to open mmst:// link poiting to server controlled by...

FreeBSD : mplayer -- multiple vulnerabilities (85d76f02-5380-11d9-a9e7-0001020eed82)

iDEFENSE and the MPlayer Team have found multiple vulnerabilities in MPlayer : - Potential heap overflow in Real RTSP streaming code - Potential stack overflow in MMST streaming code - Multiple buffer overflows in BMP demuxer - Potential heap overflow in pnm streaming code - Potential buffer...

MMS Ripper Microsoft Media Services streams buffer overflow

Heap overflow on MMST stream ID parsing...

Mandrake Linux Security Advisory : mplayer (MDKSA-2005:115)

Two heap overflows were discovered in mplayer's code handling the RealMedia RTSP and Microsoft Media Services streams over TCP MMST. These vulnerabilities could allow for a malicious server to execute arbitrary code on the client computer with the permissions of the user running MPlayer. The...

GLSA-200504-27 : xine-lib: Two heap overflow vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-27 xine-lib: Two heap overflow vulnerabilities Heap overflows have been found in the code handling RealMedia RTSP and Microsoft Media Services streams over TCP MMST. Impact : By setting up a malicious server and enticing a...

CVE-2005-1195

CVE-2005-1195 affects xine-lib before 1.0 and products using it (e.g., MPlayer 1.0pre6 and earlier). Multiple heap-based buffer overflows in MMS over TCP (MMST) and RealMedia RTSP stream handling allow remote attackers to execute arbitrary code. Impact: code execution with the user’s privileges; ...

MPlayer: Two heap overflow vulnerabilities

Background MPlayer is a media player capable of handling multiple multimedia file formats. Description Heap overflows have been found in the code handling RealMedia RTSP and Microsoft Media Services streams over TCP MMST. Impact By setting up a malicious server and enticing a user to use its...

CVE-2004-1310

Stack-based buffer overflow in the asfmmststreaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet...

CVE-2004-1310

Stack-based buffer overflow in the asfmmststreaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet...

CVE-2004-1310

Stack-based buffer overflow in the asfmmststreaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet...

mplayer -- multiple vulnerabilities

iDEFENSE and the MPlayer Team have found multiple vulnerabilities in MPlayer: Potential heap overflow in Real RTSP streaming code Potential stack overflow in MMST streaming code Multiple buffer overflows in BMP demuxer Potential heap overflow in pnm streaming code Potential buffer overflow in...