CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2011-2162
https://notcve.org/view.php?id=CVE-2011-2162
20 May 2011 — Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." Múltiples vulnerabilidades no especificadas en FFmpeg v0.4.x hasta v0.6.x, tal como se utiliza en MPlayer v1.0 y otros productos, en Mandriva Linux v2009.0, v2010.0 y... • http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 •
CVSS: 8.8EPSS: 4%CPEs: 109EXPL: 0CVE-2010-3429 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2010-3429
30 Sep 2010 — flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability." flicvideo.c en libavcodec 0.6 y versiones anteriores en FFmpeg, tal como es usado en MPlayer y otros productos, permite a atacantes remotos ejecutar código de su elección mediante un fichero flic manipulado, relacionado con una "arbitrary offset dereference vulnerability." Multiple vu... • http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 18%CPEs: 20EXPL: 0CVE-2008-5616
https://notcve.org/view.php?id=CVE-2008-5616
17 Dec 2008 — Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file. Desbordamiento de búfer basado en pila en la función demux_open_vqf en libmpdemux/demux_vqf.c en MPlayer v1.0 rc2 anterior a r28150 que permite a atacantes remotos ejecutar código a su elección a través de un fichero malformado TwinVQ. • http://secunia.com/advisories/33136 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 18%CPEs: 20EXPL: 2CVE-2008-4610 – MPlayer - '.AAC' File Handling Denial of Service
https://notcve.org/view.php?id=CVE-2008-4610
20 Oct 2008 — MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. MPlayer permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) mediante (1) un archivo mal formado, como lo demuestra lol-vlc.aac; o (2) un archivo malformado Ogg Media (OGM), como lo demuestra lol-ffplay.ogm, vectores di... • https://www.exploit-db.com/exploits/32856 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2007-6718 – Gentoo Linux Security Advisory 201310-13
https://notcve.org/view.php?id=CVE-2007-6718
20 Oct 2008 — MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7)... • http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities •
CVSS: 9.3EPSS: 5%CPEs: 21EXPL: 0CVE-2008-3827
https://notcve.org/view.php?id=CVE-2008-3827
29 Sep 2008 — Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory. Mútiples desbordamientos de entero en MPlayer v1.0_rc2 y anteriores permite a atacantes remotos provocar una denegación de servicio (finalización de proceso) y posiblemente ejecutar código de su elección mediant... • http://secunia.com/advisories/32045 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 22%CPEs: 1EXPL: 2CVE-2008-0485 – MPlayer 1.0rc2 - 'demux_mov.c' Remote Code Execution
https://notcve.org/view.php?id=CVE-2008-0485
05 Feb 2008 — Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. Error en el índice de array en libmpdemux/demux_mov.c de MPlayer 1.0 rc2 y versiones anteriores. Podría permitir a atacantes remotos ejecutar código de su elección a través de un archivo MOV de QuickTime modificado con una etiqueta stsc atom. • https://www.exploit-db.com/exploits/31076 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 16%CPEs: 1EXPL: 0CVE-2007-1387
https://notcve.org/view.php?id=CVE-2007-1387
13 Mar 2007 — The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246. El cargador DirectShow (loader/dshow/DS_VideoDecoder.c) en MPlayer 1.0rc1 y anteriores, como el usado en xine-lib, no establece el biSize antes de usarse en memcpy, lo cual permite a atacantes remotos co... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414072 •
CVSS: 8.8EPSS: 22%CPEs: 1EXPL: 0CVE-2007-1246
https://notcve.org/view.php?id=CVE-2007-1246
03 Mar 2007 — The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387. La función DMO_VideoDecoder_Open en el archivo loader/dmo/DMO_VideoDecoder.c en MPlayer versión 1.0rc1 y anteriores, tal como es usado en xine-lib, no establece el biSize antes de usarlo en ... • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052738.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 12%CPEs: 2EXPL: 1CVE-2006-6172
https://notcve.org/view.php?id=CVE-2006-6172
30 Nov 2006 — Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Desbordamiento de búfer en la función asmrp_eval para el extensión de entrada a Real Media permite a atacantes remotos provocar una denegación de servicio y la posibilida... • http://secunia.com/advisories/23218 •