// For flags

CVE-2007-1246

 

Severity Score

7.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.

La función DMO_VideoDecoder_Open en el archivo loader/dmo/DMO_VideoDecoder.c en MPlayer versión 1.0rc1 y anteriores, tal como es usado en xine-lib, no establece el biSize antes de usarlo en un memcpy, lo que permite que atacantes remotos asistidos por el usuario causen un desbordamiento del búfer y posiblemente ejecuten código arbitrario, una vulnerabilidad diferente al CVE-2007-1387.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-03-03 CVE Reserved
  • 2007-03-03 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-09-12 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (26)
URL Tag Source
http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052738.html Mailing List
http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c?r1=22019&r2=22204 X_refsource_misc
http://www.securityfocus.com/archive/1/466691/30/6900/threaded Mailing List
http://www.securityfocus.com/bid/22771 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/32747 Vdb Entry
URL Date SRC
URL Date SRC
http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c 2018-10-16
URL Date SRC
http://secunia.com/advisories/24443 2018-10-16
http://secunia.com/advisories/24444 2018-10-16
http://secunia.com/advisories/24446 2018-10-16
http://secunia.com/advisories/24448 2018-10-16
http://secunia.com/advisories/24462 2018-10-16
http://secunia.com/advisories/24866 2018-10-16
http://secunia.com/advisories/24897 2018-10-16
http://secunia.com/advisories/24995 2018-10-16
http://secunia.com/advisories/25462 2018-10-16
http://secunia.com/advisories/29601 2018-10-16
http://security.gentoo.org/glsa/glsa-200704-09.xml 2018-10-16
http://security.gentoo.org/glsa/glsa-200705-21.xml 2018-10-16
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.449141 2018-10-16
http://www.debian.org/security/2008/dsa-1536 2018-10-16
http://www.mandriva.com/security/advisories?name=MDKSA-2007:055 2018-10-16
http://www.mandriva.com/security/advisories?name=MDKSA-2007:057 2018-10-16
http://www.novell.com/linux/security/advisories/2007_007_suse.html 2018-10-16
http://www.novell.com/linux/security/advisories/2007_5_sr.html 2018-10-16
http://www.ubuntu.com/usn/usn-433-1 2018-10-16
http://www.vupen.com/english/advisories/2007/0794 2018-10-16
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mplayer
Search vendor "Mplayer"
 Mplayer
Search vendor "Mplayer" for product "Mplayer"
 <= 1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version " <= 1.0_rc1"
-
Affected