
CVSS: 7.6 • EPSS: 33% • CPEs: 1 • EXPL: 0

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.

• http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052738.html http://secunia.com/advisories/24443 http://secunia.com/advisories/24444 http://secunia.com/advisories/24446 http://secunia.com/advisories/24448 http://secunia.com/advisories/24462 http://secunia.com/advisories/24866 http://secunia.com/advisories/24897 http://secunia.com/advisories/24995 http://secunia.com/advisories/25462 http://secunia.com/advisories/29601 http://security.gentoo.org/glsa/glsa-200704-

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.5 • EPSS: 9% • CPEs: 2 • EXPL: 1

Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

• http://secunia.com/advisories/23218 http://secunia.com/advisories/23242 http://secunia.com/advisories/23249 http://secunia.com/advisories/23301 http://secunia.com/advisories/23335 http://secunia.com/advisories/23512 http://secunia.com/advisories/23567 http://secunia.com/advisories/24336 http://secunia.com/advisories/24339 http://secunia.com/advisories/25555 http://security.gentoo.org/glsa/glsa-200612-02.xml http://security.gentoo.org/glsa/glsa-200702-11.xml http://s

CVSS: 5.1 • EPSS: 2% • CPEs: 1 • EXPL: 0

Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c.

• http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044615.html http://secunia.com/advisories/19418 http://secunia.com/advisories/19565 http://secunia.com/advisories/19919 http://securityreason.com/securityalert/532 http://securityreason.com/securityalert/647 http://securitytracker.com/id?1015842 http://www.gentoo.org/security/en/glsa/glsa-200605-01.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:068 http://www.osvdb.org/24246 http://www.osvdb.org/2

CVSS: 7.5 • EPSS: 14% • CPEs: 1 • EXPL: 0

Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.

• http://secunia.com/advisories/18718 http://secunia.com/advisories/19114 http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:048 http://www.vupen.com/english/advisories/2006/0457 https://exchange.xforce.ibmcloud.com/vulnerabilities/24531

CVSS: 7.5 • EPSS: 4% • CPEs: 1 • EXPL: 0

Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk.

• http://marc.info/?l=full-disclosure&m=112484733122809&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:158 http://www.securityfocus.com/bid/14652 http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt https://bugs.gentoo.org/show_bug.cgi?id=103555