All the vulnerabilites related to mplayerhq - mplayer
cve-2022-38861
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2407"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2407"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38861",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38864
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2406"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2406"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38864",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3908
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2011/dsa-2306 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.ubuntu.com/usn/usn-1104-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://ffmpeg.mplayerhq.hu/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2306",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ffmpeg.mplayerhq.hu/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "DSA-2306",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ffmpeg.mplayerhq.hu/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-3908",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2306",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "USN-1104-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "http://ffmpeg.mplayerhq.hu/",
"refsource": "CONFIRM",
"url": "http://ffmpeg.mplayerhq.hu/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2010-3908",
"datePublished": "2011-05-20T22:00:00",
"dateReserved": "2010-10-12T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38600
Vulnerability from cvelistv5
Published
2022-09-15 15:07
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c.
References
| ▼ | URL | Tags |
|---|---|---|
| https://trac.mplayerhq.hu/ticket/2390#comment:2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:13.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2390#comment:2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-15T15:07:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.mplayerhq.hu/ticket/2390#comment:2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trac.mplayerhq.hu/ticket/2390#comment:2",
"refsource": "MISC",
"url": "https://trac.mplayerhq.hu/ticket/2390#comment:2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38600",
"datePublished": "2022-09-15T15:07:09",
"dateReserved": "2022-08-22T00:00:00",
"dateUpdated": "2024-08-03T11:02:13.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0722
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-08-06 22:05
Severity ?
EPSS score ?
Summary
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2011/dsa-2306 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:062 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:114 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.ubuntu.com/usn/usn-1104-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:089 | vendor-advisory, x_refsource_MANDRIVA | |
| http://ffmpeg.mplayerhq.hu/ | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2011/1241 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/47149 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:05:53.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2306",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "47149",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "DSA-2306",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "47149",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2011-0722",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2306",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"name": "MDVSA-2011:061",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:114",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "USN-1104-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "MDVSA-2011:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "http://ffmpeg.mplayerhq.hu/",
"refsource": "CONFIRM",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"name": "ADV-2011-1241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "47149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2011-0722",
"datePublished": "2011-05-20T22:00:00",
"dateReserved": "2011-02-01T00:00:00",
"dateUpdated": "2024-08-06T22:05:53.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38862
Vulnerability from cvelistv5
Published
2022-09-15 14:37
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://trac.mplayerhq.hu/ticket/2404 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-15T14:37:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.mplayerhq.hu/ticket/2404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trac.mplayerhq.hu/ticket/2404",
"refsource": "MISC",
"url": "https://trac.mplayerhq.hu/ticket/2404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38862",
"datePublished": "2022-09-15T14:37:51",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38860
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2402"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2402"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38860",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32317
Vulnerability from cvelistv5
Published
2022-07-14 00:00
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:39:50.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://transfer.sh/m2WcuM/poc_dup.zip"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=858107"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/b17fr13nds/MPlayer_cve_poc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T21:01:32.421584",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://transfer.sh/m2WcuM/poc_dup.zip"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=858107"
},
{
"url": "https://github.com/b17fr13nds/MPlayer_cve_poc"
}
],
"tags": [
"disputed"
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-32317",
"datePublished": "2022-07-14T00:00:00",
"dateReserved": "2022-06-05T00:00:00",
"dateUpdated": "2024-08-03T07:39:50.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3429
Vulnerability from cvelistv5
Published
2010-09-30 14:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:11:44.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41626"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41626"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "[oss-security] 20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"name": "http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b",
"refsource": "CONFIRM",
"url": "http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"name": "MDVSA-2011:061",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "20100928 [oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"name": "MDVSA-2011:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"name": "MDVSA-2011:114",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"name": "43323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43323"
},
{
"name": "USN-1104-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"name": "ADV-2010-2518",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"name": "MDVSA-2011:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "ADV-2010-2517",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"name": "DSA-2165",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"name": "ADV-2011-1241",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"name": "MDVSA-2011:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"name": "41626",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41626"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=635775",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"name": "http://www.ocert.org/advisories/ocert-2010-004.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3429",
"datePublished": "2010-09-30T14:00:00",
"dateReserved": "2010-09-17T00:00:00",
"dateUpdated": "2024-08-07T03:11:44.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38855
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2392"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2392"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38855",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2160
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-08-06 22:53
Severity ?
EPSS score ?
Summary
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/47956 | vdb-entry, x_refsource_BID | |
| http://ffmpeg.mplayerhq.hu/ | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:17.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "47956",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47956"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ffmpeg.mplayerhq.hu/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-09-07T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "47956",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47956"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ffmpeg.mplayerhq.hu/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2160",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "47956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47956"
},
{
"name": "http://ffmpeg.mplayerhq.hu/",
"refsource": "CONFIRM",
"url": "http://ffmpeg.mplayerhq.hu/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2160",
"datePublished": "2011-05-20T22:00:00",
"dateReserved": "2011-05-20T00:00:00",
"dateUpdated": "2024-08-06T22:53:17.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-2162
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-09-16 17:03
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:088 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:061 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:062 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:089 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:059 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:060 | vendor-advisory, x_refsource_MANDRIVA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:17.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "MDVSA-2011:059",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-05-20T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2011:088",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "MDVSA-2011:061",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:089",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "MDVSA-2011:059",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
},
{
"name": "MDVSA-2011:060",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-2162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"name": "MDVSA-2011:061",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"name": "MDVSA-2011:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"name": "MDVSA-2011:089",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"name": "MDVSA-2011:059",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
},
{
"name": "MDVSA-2011:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-2162",
"datePublished": "2011-05-20T22:00:00Z",
"dateReserved": "2011-05-20T00:00:00Z",
"dateUpdated": "2024-09-16T17:03:18.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38851
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2393"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2393"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38851",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38866
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2403#comment:2"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2403#comment:2"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38866",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38856
Vulnerability from cvelistv5
Published
2022-09-15 14:51
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://trac.mplayerhq.hu/ticket/2395 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2395"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-15T14:51:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.mplayerhq.hu/ticket/2395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trac.mplayerhq.hu/ticket/2395",
"refsource": "MISC",
"url": "https://trac.mplayerhq.hu/ticket/2395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38856",
"datePublished": "2022-09-15T14:51:09",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38863
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2405"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2405"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38863",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38858
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2396"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2396"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38858",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38865
Vulnerability from cvelistv5
Published
2022-09-15 00:00
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2401"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-31T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://trac.mplayerhq.hu/ticket/2401"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3255-1] mplayer security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38865",
"datePublished": "2022-09-15T00:00:00",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-38853
Vulnerability from cvelistv5
Published
2022-09-15 14:57
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://trac.mplayerhq.hu/ticket/2398 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:02:14.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://trac.mplayerhq.hu/ticket/2398"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-15T14:57:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://trac.mplayerhq.hu/ticket/2398"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-38853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://trac.mplayerhq.hu/ticket/2398",
"refsource": "MISC",
"url": "https://trac.mplayerhq.hu/ticket/2398"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-38853",
"datePublished": "2022-09-15T14:57:26",
"dateReserved": "2022-08-29T00:00:00",
"dateUpdated": "2024-08-03T11:02:14.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-07-14 20:15
Modified
2024-11-21 07:06
Severity ?
Summary
The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.gentoo.org/show_bug.cgi?id=858107 | Third Party Advisory | |
| cve@mitre.org | https://github.com/b17fr13nds/MPlayer_cve_poc | Exploit, Third Party Advisory | |
| cve@mitre.org | https://transfer.sh/m2WcuM/poc_dup.zip | Broken Link, Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/show_bug.cgi?id=858107 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/b17fr13nds/MPlayer_cve_poc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://transfer.sh/m2WcuM/poc_dup.zip | Broken Link, Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "86983666-326C-4F95-B6DC-8D3AEEA6A277",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable."
},
{
"lang": "es",
"value": "Se ha detectado que el proyecto MPlayer v1.5 contiene un heap use-after-free que resulta en un doble free en la funci\u00f3n preinit en libvo/vo_v4l2.c. Esta vulnerabilidad puede llevar a una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo crafteado. La sentencia device=strdup no se ejecuta en cada llamada"
}
],
"id": "CVE-2022-32317",
"lastModified": "2024-11-21T07:06:09.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-14T20:15:08.703",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=858107"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/b17fr13nds/MPlayer_cve_poc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://transfer.sh/m2WcuM/poc_dup.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=858107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/b17fr13nds/MPlayer_cve_poc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://transfer.sh/m2WcuM/poc_dup.zip"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-09-30 15:00
Modified
2024-11-21 01:18
Severity ?
Summary
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA07753-777E-469D-BBBA-E300C8FDE9D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1758B705-D44F-4A21-B367-5ECBED78ABF3",
"versionEndIncluding": "0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:libavcodec:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DA07753-777E-469D-BBBA-E300C8FDE9D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "8808A0CB-CE9B-4045-BB0B-8A53A07BE821",
"versionEndIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6B663B7B-0C85-40C3-A84C-00B7CEC92C1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5B44542F-37E2-42C5-BB6B-43C27E0CE615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.05:*:*:*:*:*:*:*",
"matchCriteriaId": "2B565EDB-8D94-41E2-A00E-E0BB7E89BC80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.06:*:*:*:*:*:*:*",
"matchCriteriaId": "77F045FF-8868-44F7-AE51-7593C6149E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.07:*:*:*:*:*:*:*",
"matchCriteriaId": "24915C5E-0A30-4B79-B42F-7598F28AC525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B078BBAB-0278-41A2-96AD-115FBCA964CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1D95B7-05AB-49E7-888F-D4C892988B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.09:pre3:*:*:*:*:*:*",
"matchCriteriaId": "E1975825-BD56-48AB-BE16-56716514BA85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6216C47D-3676-4024-A96A-7D5E5054BDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre1:*:*:*:*:*:*",
"matchCriteriaId": "ABB9386A-DBC1-4CED-8CB9-E08BEC92BB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre2:*:*:*:*:*:*",
"matchCriteriaId": "4940524A-F87C-46A6-A909-96C7EACB2617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre3:*:*:*:*:*:*",
"matchCriteriaId": "83E25D7C-8910-46E7-8794-37DD945D81FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre4:*:*:*:*:*:*",
"matchCriteriaId": "0E106220-81FF-48B7-A1A0-27FD2CED1751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre5:*:*:*:*:*:*",
"matchCriteriaId": "D313F762-0A34-45E4-BE25-2821585B4118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre6:*:*:*:*:*:*",
"matchCriteriaId": "9D04E492-DACF-442A-876C-B4B52DB12DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.10:pre7:*:*:*:*:*:*",
"matchCriteriaId": "B30E4A46-AEF5-41AB-A849-AEB1CA30BD1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre10:*:*:*:*:*:*",
"matchCriteriaId": "605C92B3-7A73-41FC-9612-7E67DE9A9BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre11:*:*:*:*:*:*",
"matchCriteriaId": "91F3EA64-57B5-4601-8FEB-04273A381C13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre12:*:*:*:*:*:*",
"matchCriteriaId": "94308472-68CE-40EA-9FC8-548E9A6833D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre13:*:*:*:*:*:*",
"matchCriteriaId": "00562E3C-5C2C-4A99-9671-04204285A39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre14:*:*:*:*:*:*",
"matchCriteriaId": "EDB371AC-874B-4388-A36A-BC71713DEF66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre15:*:*:*:*:*:*",
"matchCriteriaId": "1B316122-25EE-4A6D-A465-5D0E3BBE1E4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre16:*:*:*:*:*:*",
"matchCriteriaId": "AC5F2630-C845-4931-9C0C-551FE044BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre17:*:*:*:*:*:*",
"matchCriteriaId": "AA2FB65D-28ED-400F-BAAC-8CA079BED222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre18:*:*:*:*:*:*",
"matchCriteriaId": "DC45B569-D46D-4F95-AD36-BD5C04AC4386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre19:*:*:*:*:*:*",
"matchCriteriaId": "1D3E385D-E4ED-4330-8B4B-E597AE55105F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre2:*:*:*:*:*:*",
"matchCriteriaId": "F10B5AB8-A01E-46E6-89F6-13C58EA0D9E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre20:*:*:*:*:*:*",
"matchCriteriaId": "E138F978-BCBD-4908-94CA-3A9566D0444E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre21:*:*:*:*:*:*",
"matchCriteriaId": "2DC919B1-F4D4-426E-A362-F4616291D148",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre22:*:*:*:*:*:*",
"matchCriteriaId": "8E8B0E5D-8DAF-4ED3-B55D-2DE0F5274552",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre23:*:*:*:*:*:*",
"matchCriteriaId": "143D1CED-358C-4E8D-838C-30495C36F8D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre24:*:*:*:*:*:*",
"matchCriteriaId": "61F78550-0881-4465-A91C-A06A3B0E169E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre3:*:*:*:*:*:*",
"matchCriteriaId": "B76A08BC-264D-4F82-B5A9-C53795E2FBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre4:*:*:*:*:*:*",
"matchCriteriaId": "5BC48B46-F7FD-4746-A694-A70802D1FAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre5:*:*:*:*:*:*",
"matchCriteriaId": "51BB189D-E845-4A7A-8FB7-E60B89833AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre6:*:*:*:*:*:*",
"matchCriteriaId": "BFCEEE05-D6FD-4438-B3A3-DDC93F49CFB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre7:*:*:*:*:*:*",
"matchCriteriaId": "93115B4E-A11F-44A8-8928-5029C6A579D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre8:*:*:*:*:*:*",
"matchCriteriaId": "E5EECC3A-D8BB-4AF1-82D4-09C2C3DE2B54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.11:pre9:*:*:*:*:*:*",
"matchCriteriaId": "7DDAB10F-4F51-48B6-859E-93223E1FCF36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.17_idegcounter:*:*:*:*:*:*:*",
"matchCriteriaId": "DF472EEF-6A61-467F-B3EC-C70EE5610875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.17a_idegcounter:*:*:*:*:*:*:*",
"matchCriteriaId": "05621511-AF2E-4DD3-817E-B641DC3695A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre1:*:*:*:*:*:*",
"matchCriteriaId": "903F665E-D4A8-471D-8E0F-92CCE5B1A0B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre2:*:*:*:*:*:*",
"matchCriteriaId": "7F6AA65E-82B8-4C84-BE41-AF71466A7239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre3:*:*:*:*:*:*",
"matchCriteriaId": "D540CDE1-23A3-4854-85D6-9AB6B84CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre4:*:*:*:*:*:*",
"matchCriteriaId": "3ED65D9B-3217-4264-A879-D057EBBBF16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.18:pre5:*:*:*:*:*:*",
"matchCriteriaId": "6036DE90-6157-4210-BF69-0F43A1B309EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC794C4-663A-4E9F-B973-5350AF5307FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre1:*:*:*:*:*:*",
"matchCriteriaId": "A7A8D6EA-BCE2-4B5B-9224-46C4B28BDB12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre2:*:*:*:*:*:*",
"matchCriteriaId": "677BE6E9-BCDC-4367-AC05-202DB34F443A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.50:pre3:*:*:*:*:*:*",
"matchCriteriaId": "740990B1-F8E4-4EDA-B2AC-68950BFFD26E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "5D7808F0-6E3F-438F-9C06-2446AF35B8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:pre1:*:*:*:*:*:*",
"matchCriteriaId": "96AB25B7-55C8-4B5B-A5D2-7314D390FF22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.60:pre2:*:*:*:*:*:*",
"matchCriteriaId": "BED5EF17-886B-4F1E-962F-139E42ABCAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F69A0F-7C9B-4F53-8181-230630B439C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre1:*:*:*:*:*:*",
"matchCriteriaId": "EE98BF2D-B977-4A30-BB2E-E7A11E5EB871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre10:*:*:*:*:*:*",
"matchCriteriaId": "252D53C2-287E-4498-B62C-F2C64281FAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre2:*:*:*:*:*:*",
"matchCriteriaId": "D5AC7E02-8A78-4A9E-B03C-F16A4F8F64DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre3:*:*:*:*:*:*",
"matchCriteriaId": "69B0EC34-8335-4F9E-8E99-681BE313495B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre4:*:*:*:*:*:*",
"matchCriteriaId": "54E4673B-605D-4D41-BD95-BC78C2C33DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre5:*:*:*:*:*:*",
"matchCriteriaId": "4B4334BC-5B70-475E-97DA-05E8480A6C2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre6:*:*:*:*:*:*",
"matchCriteriaId": "5C93DE81-2229-4EB0-A952-D2214BFBD33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre7:*:*:*:*:*:*",
"matchCriteriaId": "0111433E-3F62-4EBA-8B2F-EC0AEE5D8EF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre8:*:*:*:*:*:*",
"matchCriteriaId": "7A4C7D9E-6B52-40CC-873C-E66232409F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:pre9:*:*:*:*:*:*",
"matchCriteriaId": "2E4F839F-5FD9-4C57-96EB-58B031FC8902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc1:*:*:*:*:*:*",
"matchCriteriaId": "26681756-DF2A-48EA-955F-E6A4F3856EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc2:*:*:*:*:*:*",
"matchCriteriaId": "053C5EE6-E2CF-4E77-861F-D1DA004FBD34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3:*:*:*:*:*:*",
"matchCriteriaId": "D3CBEA9C-325D-4D5B-BE80-B19E295AEE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre1:*:*:*:*:*:*",
"matchCriteriaId": "DB35FFDD-5924-4580-8B37-E4F9D45BA5E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre2:*:*:*:*:*:*",
"matchCriteriaId": "EE6C14FF-61D5-4384-80C7-A4068BA0EFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc3-pre3:*:*:*:*:*:*",
"matchCriteriaId": "9BB7DA2B-60BE-4798-92A8-B0D380AA9DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc4:*:*:*:*:*:*",
"matchCriteriaId": "FFF13917-3DA6-4FE7-8C6C-0F6D276A182D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.90:rc5:*:*:*:*:*:*",
"matchCriteriaId": "809B9FF1-BF82-4815-A96A-E814739AE69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "901C49FD-4D03-46C4-BE17-80BBB580ECD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "A03920C7-82A4-461C-9C77-5312A5CB7A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.92.1:*:*:*:*:*:*:*",
"matchCriteriaId": "95F5C399-48B2-42C3-9255-7EB15D920943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "AA645501-C83F-4F49-9AC1-8076040D9884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre1:*:*:*:*:*:*",
"matchCriteriaId": "D1A24118-B42E-4798-94D4-F3735C1A0D24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre2:*:*:*:*:*:*",
"matchCriteriaId": "0E42DC8E-63D3-4E42-BF4E-DB3F03095FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre3:*:*:*:*:*:*",
"matchCriteriaId": "39268FD5-FA56-4B19-8538-52397893B655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre3try2:*:*:*:*:*:*",
"matchCriteriaId": "12EDC636-BBB0-4190-B196-EE30F7C1F145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre4:*:*:*:*:*:*",
"matchCriteriaId": "39BBF9C4-5FA4-4C59-8962-18596017E7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre5:*:*:*:*:*:*",
"matchCriteriaId": "D1A605A8-E4ED-4B97-AD3C-5D4E14CA1EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre5try2:*:*:*:*:*:*",
"matchCriteriaId": "38C3BDF2-E330-4DCB-B6CD-245B6449368D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre6:*:*:*:*:*:*",
"matchCriteriaId": "568713C9-C639-4019-8745-90D03258CBDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre6a:*:*:*:*:*:*",
"matchCriteriaId": "2EA50F69-4528-4377-8C54-8A0242A451C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre7:*:*:*:*:*:*",
"matchCriteriaId": "C9E7F2A7-50D4-40A3-9410-65C74108F62C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre7try2:*:*:*:*:*:*",
"matchCriteriaId": "82990507-5892-471C-8B17-0EE92B0178D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:pre8:*:*:*:*:*:*",
"matchCriteriaId": "8F63040B-8ABF-4A7D-B6EE-F2A1E941A18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "39B39CDD-FA9A-44A3-A760-DE992B8C7C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D55429CA-FEA4-4C82-8A8D-98DF43D33EA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an \"arbitrary offset dereference vulnerability.\""
},
{
"lang": "es",
"value": "flicvideo.c en libavcodec 0.6 y versiones anteriores en FFmpeg, tal como es usado en MPlayer y otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero flic manipulado, relacionado con una \"arbitrary offset dereference vulnerability.\""
}
],
"id": "CVE-2010-3429",
"lastModified": "2024-11-21T01:18:43.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-09-30T15:00:03.457",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41626"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43323"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "cve@mitre.org",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.ffmpeg.org/?p=ffmpeg%3Ba=commit%3Bh=16c592155f117ccd7b86006c45aacc692a81c23b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:112"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ocert.org/advisories/ocert-2010-004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/09/28/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/514009/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=635775"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 16:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2393 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2393 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Algunos productos de The MPlayer Project son vulnerables a una lectura fuera de l\u00edmites por medio de la funci\u00f3n read_meta_record() del archivo mplayer/libmpdemux/asfheader.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38851",
"lastModified": "2024-11-21T07:17:10.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T16:15:10.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2393"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2405 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2405 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n mp_getbits() del archivo libmpdemux/mpeg_hdr.c que afecta a mencoder y mplayer. Esto afecta a mecoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38863",
"lastModified": "2024-11-21T07:17:11.710",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.240",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2405"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2392 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2392 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n gen_sh_video() del archivo mplayer/libmpdemux/demux_mov.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38855",
"lastModified": "2024-11-21T07:17:10.793",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2392"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2406 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2406 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por la funci\u00f3n mp_unescape03() del archivo libmpdemux/mpeg_hdr.c. Esto afecta a mencoder SVN-r38374-13.0.1 y mplayer SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38864",
"lastModified": "2024-11-21T07:17:11.877",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.277",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2406"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2396 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2396 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n mov_build_index() del archivo libmpdemux/demux_mov.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38858",
"lastModified": "2024-11-21T07:17:11.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.077",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2396"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2407 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2407 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mplayerhq | mplayer | svn-r38374-13.0.1 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c."
},
{
"lang": "es",
"value": "The MPlayer Project mplayer versi\u00f3n SVN-r38374-13.0.1, es vulnerable a una corrupci\u00f3n de memoria por medio de la funci\u00f3n free_mp_image() del archivo libmpcodecs/mp_image.c"
}
],
"id": "CVE-2022-38861",
"lastModified": "2024-11-21T07:17:11.403",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2407"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2398 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2398 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables a un desbordamiento del b\u00fafer por medio de la funci\u00f3n asf_init_audio_stream() del archivo libmpdemux/asfheader.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38853",
"lastModified": "2024-11-21T07:17:10.643",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:09.963",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2398"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:27
Severity ?
Summary
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ffmpeg | ffmpeg | 0.4.0 | |
| ffmpeg | ffmpeg | 0.4.2 | |
| ffmpeg | ffmpeg | 0.4.3 | |
| ffmpeg | ffmpeg | 0.4.4 | |
| ffmpeg | ffmpeg | 0.4.5 | |
| ffmpeg | ffmpeg | 0.4.6 | |
| ffmpeg | ffmpeg | 0.4.7 | |
| ffmpeg | ffmpeg | 0.4.8 | |
| ffmpeg | ffmpeg | 0.4.9 | |
| ffmpeg | ffmpeg | 0.5.1 | |
| ffmpeg | ffmpeg | 0.5.2 | |
| ffmpeg | ffmpeg | 0.5.3 | |
| ffmpeg | ffmpeg | 0.5.4 | |
| ffmpeg | ffmpeg | 0.6.1 | |
| mplayerhq | mplayer | 1.0 | |
| mandriva | corporate_server | 4.0 | |
| mandriva | enterprise_server | 5 | |
| mandriva | linux | 2009.0 | |
| mandriva | linux | 2010.0 | |
| mandriva | linux | 2010.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8FA106-FE65-4BB0-92A7-E8A5AF978A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "514669DA-8D02-44CE-BE18-8783F69AE394",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "157ABA40-6101-4E9C-A24C-84F8E23D374D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D26EEA1C-3A0B-4AD1-AFFD-01DA728F8ED8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35578C7D-7F96-420A-B60E-2940F7E43E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:enterprise_server:5:*:*:*:*:*:*:*",
"matchCriteriaId": "95A638FF-4AF2-48E9-8977-6EC624A619EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F90D927-CBCD-4432-9C04-A5F040D8F337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2010.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F31B20FC-4AC9-4F3F-ABD8-230FA89B07FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandriva:linux:2010.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3DD706-4A70-4F67-951B-64CDAD223F3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en FFmpeg v0.4.x hasta v0.6.x, tal como se utiliza en MPlayer v1.0 y otros productos, en Mandriva Linux v2009.0, v2010.0 y v2010.1; Corporate Server v4.0 (tambi\u00e9n conocido como CS4.0), y Mandriva Enterprise Server 5 (tambi\u00e9n conocido como MES5) tienen un impacto y vectores de ataque desconocidos, en relaci\u00f3n a las cuestiones \"originalmente descubiertas por los desarrolladores de Google Chrome\"."
}
],
"id": "CVE-2011-2162",
"lastModified": "2024-11-21T01:27:43.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-05-20T22:55:06.047",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2402 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2402 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Algunos productos de The MPlayer Project son vulnerables a una divisi\u00f3n por cero por medio de la funci\u00f3n demux_open_avi() del archivo libmpdemux/demux_avi.c que afecta a mencoder. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38860",
"lastModified": "2024-11-21T07:17:11.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.120",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2402"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-369"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 16:15
Modified
2024-11-21 07:16
Severity ?
Summary
Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2390#comment:2 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2390#comment:2 | Exploit, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c."
},
{
"lang": "es",
"value": "Mplayer versi\u00f3n SVN-r38374-13.0.1, es vulnerable a una p\u00e9rdida de memoria por medio de los archivos vf.c y vf_vo.c"
}
],
"id": "CVE-2022-38600",
"lastModified": "2024-11-21T07:16:48.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T16:15:10.503",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2390#comment:2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2390#comment:2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2395 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2395 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n mov_build_index() del archivo libmpdemux/demux_mov.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38856",
"lastModified": "2024-11-21T07:17:10.943",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2395"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:19
Severity ?
Summary
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ffmpeg | ffmpeg | * | |
| ffmpeg | ffmpeg | 0.3 | |
| ffmpeg | ffmpeg | 0.3.1 | |
| ffmpeg | ffmpeg | 0.3.2 | |
| ffmpeg | ffmpeg | 0.3.3 | |
| ffmpeg | ffmpeg | 0.3.4 | |
| ffmpeg | ffmpeg | 0.4.0 | |
| ffmpeg | ffmpeg | 0.4.2 | |
| ffmpeg | ffmpeg | 0.4.3 | |
| ffmpeg | ffmpeg | 0.4.4 | |
| ffmpeg | ffmpeg | 0.4.5 | |
| ffmpeg | ffmpeg | 0.4.6 | |
| ffmpeg | ffmpeg | 0.4.7 | |
| ffmpeg | ffmpeg | 0.4.8 | |
| ffmpeg | ffmpeg | 0.4.9 | |
| ffmpeg | ffmpeg | 0.5 | |
| ffmpeg | ffmpeg | 0.5.1 | |
| ffmpeg | ffmpeg | 0.5.2 | |
| mplayerhq | mplayer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59",
"versionEndIncluding": "0.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0AD240-4093-4D11-AE22-F46A08C163D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file."
},
{
"lang": "es",
"value": "FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un formato incorrecto de archivo WMV."
}
],
"id": "CVE-2010-3908",
"lastModified": "2024-11-21T01:19:52.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-05-20T22:55:02.283",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "security@ubuntu.com",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2404 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2404 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n play() del archivo libaf/af.c:639. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38862",
"lastModified": "2024-11-21T07:17:11.553",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.197",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2404"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:27
Severity ?
Summary
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ffmpeg | ffmpeg | * | |
| ffmpeg | ffmpeg | 0.3 | |
| ffmpeg | ffmpeg | 0.3.1 | |
| ffmpeg | ffmpeg | 0.3.2 | |
| ffmpeg | ffmpeg | 0.3.3 | |
| ffmpeg | ffmpeg | 0.3.4 | |
| ffmpeg | ffmpeg | 0.4.0 | |
| ffmpeg | ffmpeg | 0.4.2 | |
| ffmpeg | ffmpeg | 0.4.3 | |
| ffmpeg | ffmpeg | 0.4.4 | |
| ffmpeg | ffmpeg | 0.4.5 | |
| ffmpeg | ffmpeg | 0.4.6 | |
| ffmpeg | ffmpeg | 0.4.7 | |
| ffmpeg | ffmpeg | 0.4.8 | |
| ffmpeg | ffmpeg | 0.4.9 | |
| ffmpeg | ffmpeg | 0.5 | |
| ffmpeg | ffmpeg | 0.5.1 | |
| ffmpeg | ffmpeg | 0.5.2 | |
| mplayerhq | mplayer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59",
"versionEndIncluding": "0.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0AD240-4093-4D11-AE22-F46A08C163D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723."
},
{
"lang": "es",
"value": "La funcionalidad de decodificaci\u00f3n VC-1 en FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, no restringe correctamente las operaciones de lectura, lo que permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un archivo VC-1 manipulado, un fallo relacionado con CVE -2011-0723."
}
],
"id": "CVE-2011-2160",
"lastModified": "2024-11-21T01:27:43.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-05-20T22:55:05.953",
"references": [
{
"source": "cve@mitre.org",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/47956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47956"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2401 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2401 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables a la divisi\u00f3n por cero por medio de la funci\u00f3n demux_avi_read_packet del archivo libmpdemux/demux_avi.c. Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38865",
"lastModified": "2024-11-21T07:17:12.040",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.317",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2401"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-369"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-09-15 15:15
Modified
2024-11-21 07:17
Severity ?
Summary
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://trac.mplayerhq.hu/ticket/2403#comment:2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://trac.mplayerhq.hu/ticket/2403#comment:2 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B18F3A-E12A-402C-808B-94ACD88849AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "603AB9B7-DDE8-483C-995D-0003A7B02CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1."
},
{
"lang": "es",
"value": "Determinados productos de The MPlayer Project son vulnerables al desbordamiento del b\u00fafer por medio de la funci\u00f3n read_avi_header() del archivo libmpdemux/aviheader.c . Esto afecta a mplayer versi\u00f3n SVN-r38374-13.0.1 y mencoder versi\u00f3n SVN-r38374-13.0.1"
}
],
"id": "CVE-2022-38866",
"lastModified": "2024-11-21T07:17:12.203",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-15T15:15:10.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2403#comment:2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://trac.mplayerhq.hu/ticket/2403#comment:2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:24
Severity ?
Summary
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ffmpeg | ffmpeg | * | |
| ffmpeg | ffmpeg | 0.3 | |
| ffmpeg | ffmpeg | 0.3.1 | |
| ffmpeg | ffmpeg | 0.3.2 | |
| ffmpeg | ffmpeg | 0.3.3 | |
| ffmpeg | ffmpeg | 0.3.4 | |
| ffmpeg | ffmpeg | 0.4.0 | |
| ffmpeg | ffmpeg | 0.4.2 | |
| ffmpeg | ffmpeg | 0.4.3 | |
| ffmpeg | ffmpeg | 0.4.4 | |
| ffmpeg | ffmpeg | 0.4.5 | |
| ffmpeg | ffmpeg | 0.4.6 | |
| ffmpeg | ffmpeg | 0.4.7 | |
| ffmpeg | ffmpeg | 0.4.8 | |
| ffmpeg | ffmpeg | 0.4.9 | |
| ffmpeg | ffmpeg | 0.5 | |
| ffmpeg | ffmpeg | 0.5.1 | |
| ffmpeg | ffmpeg | 0.5.2 | |
| mplayerhq | mplayer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4DC8258-EB4F-4D4D-B4D7-2066FB9D1C59",
"versionEndIncluding": "0.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2649A80-4739-4BBB-AB0B-99AD435BE7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4A2E77D-B826-4B49-ADC8-7F704E149A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18157837-4550-45E3-A12E-AE06E047E253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F42611-C3E2-416B-9AE7-A5AE83E4DEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3A20789F-26E3-4871-B24E-25E922BADDF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
"matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D486C17-FC4A-4AEE-A430-1B1FBCC2C27C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mplayerhq:mplayer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD0AD240-4093-4D11-AE22-F46A08C163D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file."
},
{
"lang": "es",
"value": "FFmpeg antes de v0.5.4, tal como se utiliza en MPlayer y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (da\u00f1os en la memoria din\u00e1mica y bloqueo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un formato incorrecto de archivo de RealMedia."
}
],
"id": "CVE-2011-0722",
"lastModified": "2024-11-21T01:24:41.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-05-20T22:55:02.313",
"references": [
{
"source": "security@ubuntu.com",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "security@ubuntu.com",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "security@ubuntu.com",
"url": "http://www.securityfocus.com/bid/47149"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ffmpeg.mplayerhq.hu/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:114"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-1104-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/1241"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}