
CVSS: 9.3 • EPSS: 5% • CPEs: 21 • EXPL: 0

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory. • http://secunia.com/advisories/32045 http://secunia.com/advisories/32153 http://securityreason.com/securityalert/4326 http://svn.mplayerhq.hu/mplayer/trunk/libmpdemux/demux_real.c?r1=27314&r2=27675 http://www.debian.org/security/2008/dsa-1644 http://www.mandriva.com/security/advisories?name=MDVSA-2008:219 http://www.ocert.org/advisories/ocert-2008-013.html http://www.securityfocus.com/archive/1/496806/100/0/threaded http://www.securityfocus.com/bid/31473 http://www.securitytr • CWE-189: Numeric Errors •

CVSS: 9.3 • EPSS: 20% • CPEs: 1 • EXPL: 2

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. • https://www.exploit-db.com/exploits/31076 http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060032.html http://secunia.com/advisories/28779 http://secunia.com/advisories/28955 http://secunia.com/advisories/28956 http://secunia.com/advisories/29307 http://security.gentoo.org/glsa/glsa-200803-16.xml http://securityreason.com/securityalert/3607 http://www.coresecurity.com/?action=item&id=2102 http://www.debian.org/security/2008/dsa-1496 http://www.mandriva.com • CWE-189: Numeric Errors •

CVSS: 6.8 • EPSS: 12% • CPEs: 1 • EXPL: 0

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414072 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414072%3Bmsg=12%3Bfilename=DS_VideoDecoder.c---SVN--22205.patch%3Batt=1 http://secunia.com/advisories/24443 http://secunia.com/advisories/24444 http://secunia.com/advisories/24462 http://secunia.com/advisories/25462 http://secunia.com/advisories/29601 http://security.gentoo.org/glsa/glsa-200705-21.xml http://www.debian.org/security/2008/dsa-1536 http://www.mandr •

CVSS: 7.6 • EPSS: 33% • CPEs: 1 • EXPL: 0

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052738.html http://secunia.com/advisories/24443 http://secunia.com/advisories/24444 http://secunia.com/advisories/24446 http://secunia.com/advisories/24448 http://secunia.com/advisories/24462 http://secunia.com/advisories/24866 http://secunia.com/advisories/24897 http://secunia.com/advisories/24995 http://secunia.com/advisories/25462 http://secunia.com/advisories/29601 http://security.gentoo.org/glsa/glsa-200704- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5 • EPSS: 9% • CPEs: 2 • EXPL: 1

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. • http://secunia.com/advisories/23218 http://secunia.com/advisories/23242 http://secunia.com/advisories/23249 http://secunia.com/advisories/23301 http://secunia.com/advisories/23335 http://secunia.com/advisories/23512 http://secunia.com/advisories/23567 http://secunia.com/advisories/24336 http://secunia.com/advisories/24339 http://secunia.com/advisories/25555 http://security.gentoo.org/glsa/glsa-200612-02.xml http://security.gentoo.org/glsa/glsa-200702-11.xml http://s •