CVE-2006-0579 — Mplayer vulnerability

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

3.8%

top 11.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mplayer Debian Mplayer

Timeline

PublishedFeb 8

Latest updateMay 1

Description

Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmplayer/mplayer1.0_pre7try2

▶debiandebian/mplayer

🔴Vulnerability Details

GHSA

GHSA-95p8-rj77-82f6: Multiple integer overflows in (1) the new_demux_packet function in demuxer↗2022-05-01

▶

📋Vendor Advisories

Debian

CVE-2006-0579: mplayer - Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and...↗2006

▶

💬Community

Bugzilla

CVE-2005-3273 ROSE ndigis verification↗2005-04-19

▶