CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38863 – Gentoo Linux Security Advisory 202405-05
https://notcve.org/view.php?id=CVE-2022-38863
15 Sep 2022 — Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por medio de la función mp_getbits() del archivo libmpdemux/mpeg_hdr.c que afecta a mencoder y mplayer. Esto afecta a mecoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1 It was discovered that... • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38864 – Gentoo Linux Security Advisory 202405-05
https://notcve.org/view.php?id=CVE-2022-38864
15 Sep 2022 — Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por la función mp_unescape03() del archivo libmpdemux/mpeg_hdr.c. Esto afecta a mencoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1 It was discovered that MPlayer could be made to divide by zero when processing certain... • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38865 – Gentoo Linux Security Advisory 202405-05
https://notcve.org/view.php?id=CVE-2022-38865
15 Sep 2022 — Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables a la división por cero por medio de la función demux_avi_read_packet del archivo libmpdemux/demux_avi.c. Esto afecta a mplayer versión SVN-r38374-13.0.1 y mencoder versión SVN-r38374-13.0.1 It was discovered that MPlayer could be made to divide... • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-38866 – Gentoo Linux Security Advisory 202405-05
https://notcve.org/view.php?id=CVE-2022-38866
15 Sep 2022 — Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por medio de la función read_avi_header() del archivo libmpdemux/aviheader.c . Esto afecta a mplayer versión SVN-r38374-13.0.1 y mencoder versión SVN-r38374-13.0.1 Multiple vulnerabilities have been discovered in MPlayer, the wors... • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-32317
https://notcve.org/view.php?id=CVE-2022-32317
14 Jul 2022 — The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable. Se ha detectado que el proyecto MPlayer v1.5 contiene un heap use-after-free que resulta en un doble free en la función preinit en libvo/vo_v4l2.c. • https://bugs.gentoo.org/show_bug.cgi?id=858107 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 19EXPL: 0CVE-2011-0722
https://notcve.org/view.php?id=CVE-2011-0722
20 May 2011 — FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegación de servicio (daños en la memoria dinámica y bloqueo de la aplicación) o posiblemente ejecutar código de su elección a través de un formato incorrecto de archiv... • http://ffmpeg.mplayerhq.hu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 19EXPL: 0CVE-2011-2160
https://notcve.org/view.php?id=CVE-2011-2160
20 May 2011 — The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723. La funcionalidad de decodificación VC-1 en FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, no restringe correctamente las operaciones de lectura, lo que permite a atacantes remotos tener un impacto no especificado a través de un... • http://ffmpeg.mplayerhq.hu • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 20EXPL: 0CVE-2011-2162
https://notcve.org/view.php?id=CVE-2011-2162
20 May 2011 — Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." Múltiples vulnerabilidades no especificadas en FFmpeg v0.4.x hasta v0.6.x, tal como se utiliza en MPlayer v1.0 y otros productos, en Mandriva Linux v2009.0, v2010.0 y... • http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 •
CVSS: 8.8EPSS: 1%CPEs: 19EXPL: 0CVE-2010-3908 – Gentoo Linux Security Advisory 201310-12
https://notcve.org/view.php?id=CVE-2010-3908
20 May 2011 — FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y bloqueo de la aplicación) o posiblemente ejecutar código de su elección a través de un formato incorrecto de archivo WMV. Multiple vu... • http://ffmpeg.mplayerhq.hu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 5%CPEs: 109EXPL: 0CVE-2010-3429 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2010-3429
30 Sep 2010 — flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability." flicvideo.c en libavcodec 0.6 y versiones anteriores en FFmpeg, tal como es usado en MPlayer y otros productos, permite a atacantes remotos ejecutar código de su elección mediante un fichero flic manipulado, relacionado con una "arbitrary offset dereference vulnerability." Multiple vu... • http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b • CWE-94: Improper Control of Generation of Code ('Code Injection') •