CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0CVE-2011-0723
https://notcve.org/view.php?id=CVE-2011-0723
20 May 2011 — FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file. FFmpeg v0.5.x, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un formato incorrecto de archivo VC-1. • http://ffmpeg.mplayerhq.hu • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 18%CPEs: 20EXPL: 0CVE-2008-5616
https://notcve.org/view.php?id=CVE-2008-5616
17 Dec 2008 — Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file. Desbordamiento de búfer basado en pila en la función demux_open_vqf en libmpdemux/demux_vqf.c en MPlayer v1.0 rc2 anterior a r28150 que permite a atacantes remotos ejecutar código a su elección a través de un fichero malformado TwinVQ. • http://secunia.com/advisories/33136 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2008-4867
https://notcve.org/view.php?id=CVE-2008-4867
31 Oct 2008 — Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value. Desbordamiento de búfer en libavcodec/dca.c en FFmpeg 0.4.9 antes de r14917, como es usado por MPlayer, permite a atacantes dependientes del contexto tener un impacto desconocido mediante vectores relacionados con un valor DCA_MAX_FRAME_SIZE incorrecto. • http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2008-4869
https://notcve.org/view.php?id=CVE-2008-4869
31 Oct 2008 — FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." FFmpeg 0.4.9, del modo que lo usa MPlayer, permite a atacantes dependientes del contexto provocar una denegación de servicio (agotamiento de memoria) mediante vectores desconocidos, también conocido como "Tcp/udp memory leak (fuga de memoria tcp/udp)". • http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2008-4868
https://notcve.org/view.php?id=CVE-2008-4868
31 Oct 2008 — Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers." Vulnerabilidad no especificada en la función avcodec_close en libavcodec/utils.c en FFmpeg 0.4.9 antes de r14787, como lo usa MPlayer, tiene un impacto y vectores de ataque desconocidos, relacionado con una liberación de "punteros aleatorios". • http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 3CVE-2008-4866
https://notcve.org/view.php?id=CVE-2008-4866
31 Oct 2008 — Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY. Múltiples desbordamientos de búfer en libavformat/utils.c en FFmpeg 0.4.9 antes de r14715, como lo usa MPlayer, permite a atacantes dependientes del contexto tener un impacto desconocido mediante vectores relacionados con código de generación de DTS c... • http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0103.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 18%CPEs: 20EXPL: 2CVE-2008-4610 – MPlayer - '.AAC' File Handling Denial of Service
https://notcve.org/view.php?id=CVE-2008-4610
20 Oct 2008 — MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. MPlayer permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante (1) un archivo mal formado, como lo demuestra lol-vlc.aac; o (2) un archivo malformado Ogg Media (OGM), como lo demuestra lol-ffplay.ogm, vectores di... • https://www.exploit-db.com/exploits/32856 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2007-6718 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2007-6718
20 Oct 2008 — MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7)... • http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities •
CVSS: 9.3EPSS: 5%CPEs: 21EXPL: 0CVE-2008-3827
https://notcve.org/view.php?id=CVE-2008-3827
29 Sep 2008 — Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory. Mútiples desbordamientos de entero en MPlayer v1.0_rc2 y anteriores permite a atacantes remotos provocar una denegación de servicio (finalización de proceso) y posiblemente ejecutar código de su elección mediant... • http://secunia.com/advisories/32045 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 45%CPEs: 1EXPL: 1CVE-2008-1558 – MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-1558
31 Mar 2008 — Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow. Índice de array sin controlar en la función sdpplin_parse de stream/realrtsp/sdpplin.c en MPlayer 1.0 rc2 permite a atacantes remotos sobrescribir memoria y ejecutar código de su elección a través de un parámetro streamid SDP grande. NOTA: ... • https://www.exploit-db.com/exploits/5307 • CWE-189: Numeric Errors •