CVE-2004-1187
published 2005-01-10CVE-2004-1187: Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to…
PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
5.18%
91.4th percentile
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
Affected
77 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mplayer | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| mplayer | mplayer | — | — |
| xine | xine | — | — |
| xine | xine | — | — |
| xine | xine | — | — |
| xine | xine | — | — |
| xine | xine | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_debian10.0LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xg3g-7232-qg4v: Heap-based buffer overflow in the pnm_get_chunk function for xine 0
ghsa_unreviewed·2022-04-29·CVSS 10.0
CVE-2004-1187 [CRITICAL] GHSA-xg3g-7232-qg4v: Heap-based buffer overflow in the pnm_get_chunk function for xine 0
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
GHSA
GHSA-4x57-68g7-9v3f: The pnm_get_chunk function in xine 0
ghsa_unreviewed·2022-04-29·CVSS 10.0
CVE-2004-1188 [CRITICAL] GHSA-4x57-68g7-9v3f: The pnm_get_chunk function in xine 0
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
Debian
CVE-2004-1188: mplayer - The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such a...
vendor_debian·2004·CVSS 10.0
CVE-2004-1188 [CRITICAL] CVE-2004-1188: mplayer - The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such a...
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Debian
CVE-2004-1187: mplayer - Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and ot...
vendor_debian·2004·CVSS 10.0
CVE-2004-1187 [CRITICAL] CVE-2004-1187: mplayer - Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and ot...
Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/pnm.c?r1=1.20&r2=1.21http://www.idefense.com/application/poi/display?id=176&type=vulnerabilitieshttp://www.mandriva.com/security/advisories?name=MDKSA-2005:011http://www.mplayerhq.hu/MPlayer/patches/pnm_fix_20041215.diffhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18640http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/pnm.c?r1=1.20&r2=1.21http://www.idefense.com/application/poi/display?id=176&type=vulnerabilitieshttp://www.mandriva.com/security/advisories?name=MDKSA-2005:011http://www.mplayerhq.hu/MPlayer/patches/pnm_fix_20041215.diffhttps://exchange.xforce.ibmcloud.com/vulnerabilities/18640
2005-01-10
Published