// For flags

CVE-2007-4938

MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow

Severity Score

7.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

3
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

Desbordamiento de búfer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegación de servicio (caida de aplicación) o posiblemente ejecutar código de su elección a través de un archivo .avi con cierto "tamaño indx tratado" y valores nEntriesInuse, y un cierto valor wLongsPerEntry.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-09-12 First Exploit
  • 2007-09-18 CVE Reserved
  • 2007-09-18 CVE Published
  • 2024-07-22 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Hp
Search vendor "Hp"
Hp-ux
Search vendor "Hp" for product "Hp-ux"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Hp
Search vendor "Hp"
Tru64
Search vendor "Hp" for product "Tru64"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Ibm
Search vendor "Ibm"
Aix
Search vendor "Ibm" for product "Aix"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Ibm
Search vendor "Ibm"
Os2
Search vendor "Ibm" for product "Os2"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007"
-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007"
x86_64
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007.1"
-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007.1"
x86_64
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 98
Search vendor "Microsoft" for product "Windows 98"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Me
Search vendor "Microsoft" for product "Windows Me"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Nt
Search vendor "Microsoft" for product "Windows Nt"
4.0
Search vendor "Microsoft" for product "Windows Nt" and version "4.0"
-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Santa Cruz Operation
Search vendor "Santa Cruz Operation"
Sco Unix
Search vendor "Santa Cruz Operation" for product "Sco Unix"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Sun
Search vendor "Sun"
Solaris
Search vendor "Sun" for product "Solaris"
*-
Safe
Mplayer
Search vendor "Mplayer"
Mplayer
Search vendor "Mplayer" for product "Mplayer"
1.0_rc1
Search vendor "Mplayer" for product "Mplayer" and version "1.0_rc1"
-
Affected
in Windriver
Search vendor "Windriver"
Bsdos
Search vendor "Windriver" for product "Bsdos"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Hp
Search vendor "Hp"
Hp-ux
Search vendor "Hp" for product "Hp-ux"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Hp
Search vendor "Hp"
Tru64
Search vendor "Hp" for product "Tru64"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Ibm
Search vendor "Ibm"
Aix
Search vendor "Ibm" for product "Aix"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Ibm
Search vendor "Ibm"
Os2
Search vendor "Ibm" for product "Os2"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007"
-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007"
x86_64
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007.1"
-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
2007.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "2007.1"
x86_64
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2003 Server
Search vendor "Microsoft" for product "Windows 2003 Server"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 98
Search vendor "Microsoft" for product "Windows 98"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Me
Search vendor "Microsoft" for product "Windows Me"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Nt
Search vendor "Microsoft" for product "Windows Nt"
4.0
Search vendor "Microsoft" for product "Windows Nt" and version "4.0"
-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Santa Cruz Operation
Search vendor "Santa Cruz Operation"
Sco Unix
Search vendor "Santa Cruz Operation" for product "Sco Unix"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Sun
Search vendor "Sun"
Solaris
Search vendor "Sun" for product "Solaris"
*-
Safe
Sgi
Search vendor "Sgi"
Irix
Search vendor "Sgi" for product "Irix"
*-
Affected
in Windriver
Search vendor "Windriver"
Bsdos
Search vendor "Windriver" for product "Bsdos"
*-
Safe