CVE-2004-1310 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mplayer

4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

5.7%

top 9.57%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mplayer Debian Mplayer

Timeline

PublishedJan 10

Latest updateApr 29

Description

Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/mplayer< mplayer 1.0~pre6a-1 (bookworm)

▶Debianmplayer/mplayer< 1.0~pre6a-1+3

▶NVDmplayer/mplayer1.0_pre5

🔴Vulnerability Details

GHSA

GHSA-m329-g327-9vjx: Stack-based buffer overflow in the asf_mmst_streaming↗2022-04-29

▶

OSV

CVE-2004-1310: Stack-based buffer overflow in the asf_mmst_streaming↗2005-01-10

▶

📋Vendor Advisories

Debian

CVE-2004-1310: mplayer - Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlaye...↗2004

▶