CVSS: 10.0EPSS: 1%CPEs: 20EXPL: 0CVE-2011-2162
https://notcve.org/view.php?id=CVE-2011-2162
20 May 2011 — Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." Múltiples vulnerabilidades no especificadas en FFmpeg v0.4.x hasta v0.6.x, tal como se utiliza en MPlayer v1.0 y otros productos, en Mandriva Linux v2009.0, v2010.0 y... • http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 •
CVSS: 8.8EPSS: 5%CPEs: 109EXPL: 0CVE-2010-3429 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2010-3429
30 Sep 2010 — flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability." flicvideo.c en libavcodec 0.6 y versiones anteriores en FFmpeg, tal como es usado en MPlayer y otros productos, permite a atacantes remotos ejecutar código de su elección mediante un fichero flic manipulado, relacionado con una "arbitrary offset dereference vulnerability." Multiple vu... • http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 30%CPEs: 20EXPL: 0CVE-2008-5616
https://notcve.org/view.php?id=CVE-2008-5616
17 Dec 2008 — Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file. Desbordamiento de búfer basado en pila en la función demux_open_vqf en libmpdemux/demux_vqf.c en MPlayer v1.0 rc2 anterior a r28150 que permite a atacantes remotos ejecutar código a su elección a través de un fichero malformado TwinVQ. • http://secunia.com/advisories/33136 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2007-6718 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2007-6718
20 Oct 2008 — MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7)... • http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities •
CVSS: 6.5EPSS: 3%CPEs: 20EXPL: 2CVE-2008-4610 – MPlayer - '.AAC' File Handling Denial of Service
https://notcve.org/view.php?id=CVE-2008-4610
20 Oct 2008 — MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. MPlayer permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante (1) un archivo mal formado, como lo demuestra lol-vlc.aac; o (2) un archivo malformado Ogg Media (OGM), como lo demuestra lol-ffplay.ogm, vectores di... • https://www.exploit-db.com/exploits/32856 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 2%CPEs: 21EXPL: 0CVE-2008-3827
https://notcve.org/view.php?id=CVE-2008-3827
29 Sep 2008 — Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory. Mútiples desbordamientos de entero en MPlayer v1.0_rc2 y anteriores permite a atacantes remotos provocar una denegación de servicio (finalización de proceso) y posiblemente ejecutar código de su elección mediant... • http://secunia.com/advisories/32045 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 20%CPEs: 1EXPL: 1CVE-2008-1558 – MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-1558
31 Mar 2008 — Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow. Índice de array sin controlar en la función sdpplin_parse de stream/realrtsp/sdpplin.c en MPlayer 1.0 rc2 permite a atacantes remotos sobrescribir memoria y ejecutar código de su elección a través de un parámetro streamid SDP grande. NOTA: ... • https://www.exploit-db.com/exploits/5307 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 17%CPEs: 1EXPL: 2CVE-2008-0485 – MPlayer 1.0rc2 - 'demux_mov.c' Remote Code Execution
https://notcve.org/view.php?id=CVE-2008-0485
05 Feb 2008 — Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. Error en el índice de array en libmpdemux/demux_mov.c de MPlayer 1.0 rc2 y versiones anteriores. Podría permitir a atacantes remotos ejecutar código de su elección a través de un archivo MOV de QuickTime modificado con una etiqueta stsc atom. • https://www.exploit-db.com/exploits/31076 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 9%CPEs: 21EXPL: 3CVE-2007-4938 – MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-4938
18 Sep 2007 — Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar códi... • https://www.exploit-db.com/exploits/30578 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 0CVE-2007-2948
https://notcve.org/view.php?id=CVE-2007-2948
07 Jun 2007 — Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. Múltiples desbordamientos de búfer basados en pila en el stream/stream_cddb.c del MPlayer en versiones anteriores a la 1.0rc1try3 permite a atacantes remotos ejecutar código de su elección a través de una entrada CDDB con un (1) título de álbum largo o (2) una categoría larga. • http://lists.mplayerhq.hu/pipermail/mplayer-announce/2007-June/000066.html •