CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38863
https://notcve.org/view.php?id=CVE-2022-38863
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por medio de la función mp_getbits() del archivo libmpdemux/mpeg_hdr.c que afecta a mencoder y mplayer. Esto afecta a mecoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1 • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html https://trac.mplayerhq.hu/ticket/2405 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38864
https://notcve.org/view.php?id=CVE-2022-38864
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por la función mp_unescape03() del archivo libmpdemux/mpeg_hdr.c. Esto afecta a mencoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1 • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html https://trac.mplayerhq.hu/ticket/2406 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-38865
https://notcve.org/view.php?id=CVE-2022-38865
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables a la división por cero por medio de la función demux_avi_read_packet del archivo libmpdemux/demux_avi.c. Esto afecta a mplayer versión SVN-r38374-13.0.1 y mencoder versión SVN-r38374-13.0.1 • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html https://trac.mplayerhq.hu/ticket/2401 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-38866
https://notcve.org/view.php?id=CVE-2022-38866
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1. Determinados productos de The MPlayer Project son vulnerables al desbordamiento del búfer por medio de la función read_avi_header() del archivo libmpdemux/aviheader.c . Esto afecta a mplayer versión SVN-r38374-13.0.1 y mencoder versión SVN-r38374-13.0.1 • https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html https://trac.mplayerhq.hu/ticket/2403#comment:2 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-32317
https://notcve.org/view.php?id=CVE-2022-32317
The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable. Se ha detectado que el proyecto MPlayer v1.5 contiene un heap use-after-free que resulta en un doble free en la función preinit en libvo/vo_v4l2.c. • https://bugs.gentoo.org/show_bug.cgi?id=858107 https://github.com/b17fr13nds/MPlayer_cve_poc https://transfer.sh/m2WcuM/poc_dup.zip • CWE-416: Use After Free •