5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
31.2%
It was discovered that MPlayer could be made to divide by zero when
processing certain malformed media files. If a user were tricked into
opening a specially crafted media file, an attacker could possibly use
this issue to cause MPlayer to crash, resulting in a denial of service.
(CVE-2022-38850, CVE-2022-38860, CVE-2022-38865)
It was discovered that MPlayer could be made to read out of bounds when
processing certain malformed media files. If a user were tricked into
opening a specially crafted media file, an attacker could possibly use
this issue to cause MPlayer to crash, resulting in a denial of service.
(CVE-2022-38851)
It was discovered that MPlayer could be made to write out of bounds when
processing certain malformed media files. If a user were tricked into
opening a specially crafted media file, an attacker could possibly use
this issue to cause MPlayer to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-38855, CVE-2022-38858,
CVE-2022-38863, CVE-2022-38864, CVE-2022-38866)
It was discovered that MPlayer did not properly managed memory when
processing certain malformed media files. If a user were tricked into
opening a specially crafted media file, an attacker could possibly use
this issue to cause MPlayer to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-38861)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.10 | noarch | mencoder | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mencoder-dbgsym | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mplayer | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mplayer-dbgsym | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mplayer-doc | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mplayer-gui | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.10 | noarch | mplayer-gui-dbgsym | < 2:1.4+ds1-3ubuntu1.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | mencoder | < 2:1.4+ds1-3ubuntu0.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | mencoder-dbgsym | < 2:1.4+ds1-3ubuntu0.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | mplayer | < 2:1.4+ds1-3ubuntu0.1 | UNKNOWN |
ubuntu.com/security/CVE-2022-38850
ubuntu.com/security/CVE-2022-38851
ubuntu.com/security/CVE-2022-38855
ubuntu.com/security/CVE-2022-38858
ubuntu.com/security/CVE-2022-38860
ubuntu.com/security/CVE-2022-38861
ubuntu.com/security/CVE-2022-38863
ubuntu.com/security/CVE-2022-38864
ubuntu.com/security/CVE-2022-38865
ubuntu.com/security/CVE-2022-38866
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 Medium
AI Score
Confidence
High
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
31.2%