cbcvebase.
CVE-2004-1187
published 2005-01-10

CVE-2004-1187: Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to…

PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.18%
91.4th percentile
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.

Affected

77 ranges· showing 25
VendorProductVersion rangeFixed in
debianmplayer
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
mplayermplayer
xinexine
xinexine
xinexine
xinexine
xinexine

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.