CVE-2006-0579
https://notcve.org/view.php?id=CVE-2006-0579
Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. Múltiples desbordamientos de enteros en (1) la función new_demux_packet en demuxer.h y (2) la función demux_asf_read_packet en demux_asf.c en MPlayer 1.0pre7try2 y anteriores permite a atacantes remotos ejecutar código de su elección mediante un fichero ASF con un valor de longitud de paquete grande. NOTA: la proveniencia de esta información es desconocida, parte de los detalles son obtenidos de información de terceras partes. • http://secunia.com/advisories/18718 http://secunia.com/advisories/19114 http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:048 http://www.vupen.com/english/advisories/2006/0457 https://exchange.xforce.ibmcloud.com/vulnerabilities/24531 •
CVE-2005-2718
https://notcve.org/view.php?id=CVE-2005-2718
Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk. • http://marc.info/?l=full-disclosure&m=112484733122809&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:158 http://www.securityfocus.com/bid/14652 http://www.sven-tantau.de/public_files/mplayer/mplayer_20050824.txt https://bugs.gentoo.org/show_bug.cgi?id=103555 •
CVE-2005-1195
https://notcve.org/view.php?id=CVE-2005-1195
Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. • http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/librtsp/rtsp.c?r1=1.18&r2=1.19&diff_format=u http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/mms.c?r1=1.55&r2=1.56&diff_format=u http://seclists.org/lists/bugtraq/2005/Apr/0337.html http://secunia.com/advisories/15014 http://securitytracker.com/id?1013771 http://www.gentoo.org/security/en/glsa/glsa-200504-19.xml http://www.mplayerhq.hu/homepage/design7/news.html#vuln10 http:/ •