Mplayer Security Vulnerabilities and Issues — Mplayer CVE List

Lucene search

MplayerMplayer

8 matches found

CVE•added 2005/05/02 4:0 a.m.•67 views

CVE-2005-1195

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.

7.5CVSS7.3AI score0.01744EPSS

CVE•added 2007/03/03 7:19 p.m.•63 views

CVE-2007-1246

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerabili...

7.6CVSS7.2AI score0.08976EPSS

CVE•added 2008/02/05 12:0 p.m.•55 views

CVE-2008-0486

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

7.5CVSS7.3AI score0.0457EPSS

CVE•added 2007/09/18 7:17 p.m.•53 views

CVE-2007-4938

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry ...

7.6CVSS8.1AI score0.09501EPSS

CVE•added 2005/08/29 8:14 p.m.•46 views

CVE-2005-2718

Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk.

7.5CVSS7.8AI score0.04102EPSS

CVE•added 2006/02/08 1:2 a.m.•45 views

CVE-2006-0579

Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this i...

7.5CVSS7.1AI score0.05656EPSS

CVE•added 2006/11/30 3:28 p.m.•44 views

CVE-2006-6172

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a ru...

7.5CVSS7.6AI score0.04458EPSS

CVE•added 2003/11/17 5:0 a.m.•37 views

CVE-2003-0835

Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.

7.5CVSS7.8AI score0.05063EPSS