Page 3 of 20 results (0.021 seconds)

CVSS: 5.1EPSS: 2%CPEs: 1EXPL: 0

Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044615.html http://secunia.com/advisories/19418 http://secunia.com/advisories/19565 http://secunia.com/advisories/19919 http://securityreason.com/securityalert/532 http://securityreason.com/securityalert/647 http://securitytracker.com/id?1015842 http://www.gentoo.org/security/en/glsa/glsa-200605-01.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:068 http://www.osvdb.org/24246 http://www.osvdb.org/2 •

CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 0

Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. Múltiples desbordamientos de enteros en (1) la función new_demux_packet en demuxer.h y (2) la función demux_asf_read_packet en demux_asf.c en MPlayer 1.0pre7try2 y anteriores permite a atacantes remotos ejecutar código de su elección mediante un fichero ASF con un valor de longitud de paquete grande. NOTA: la proveniencia de esta información es desconocida, parte de los detalles son obtenidos de información de terceras partes. • http://secunia.com/advisories/18718 http://secunia.com/advisories/19114 http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:048 http://www.vupen.com/english/advisories/2006/0457 https://exchange.xforce.ibmcloud.com/vulnerabilities/24531 •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk. • http://marc.info/?l=full-disclosure&m=112484733122809&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:158 http://www.securityfocus.com/bid/14652 http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt https://bugs.gentoo.org/show_bug.cgi?id=103555 •

CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0

Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. • http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/librtsp/rtsp.c?r1=1.18&r2=1.19&diff_format=u http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/mms.c?r1=1.55&r2=1.56&diff_format=u http://seclists.org/lists/bugtraq/2005/Apr/0337.html http://secunia.com/advisories/15014 http://securitytracker.com/id?1013771 http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 http:/&#x •

CVSS: 10.0EPSS: 4%CPEs: 78EXPL: 0

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. • http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/pnm.c?r1=1.20&r2=1.21 http://www.idefense.com/application/poi/display?id=176&type=vulnerabilities http://www.mandriva.com/security/advisories?name=MDKSA-2005:011 http://www.mplayerhq.hu/MPlayer/patches/pnm_fix_20041215.diff https://exchange.xforce.ibmcloud.com/vulnerabilities/18640 •