CVE-2007-6402
published 2007-12-17CVE-2007-6402: Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to…
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.80%
92.2th percentile
Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6401.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 3ivx | mpeg-4_codec | — | — |
| 3ivx | mpeg-4_codec | — | — |
| guliverkli | media_player_classic | — | — |
| microsoft | windows_media_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hxgc-wgw8-44gx: Stack-based buffer overflow in mplayer2
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-6401 [CRITICAL] CWE-119 GHSA-hxgc-wgw8-44gx: Stack-based buffer overflow in mplayer2
Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6402.
GHSA
GHSA-pvjg-m4rc-ch2c: Stack-based buffer overflow in mplayerc
ghsa_unreviewed·2022-05-01·CVSS 9.3
CVE-2007-6402 [CRITICAL] CWE-119 GHSA-pvjg-m4rc-ch2c: Stack-based buffer overflow in mplayerc
Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6401.
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/archive/1/484781/100/0/threadedhttp://www.securityfocus.com/archive/1/484832/100/100/threadedhttp://www.securityfocus.com/bid/26774http://www.securitytracker.com/id?1019064http://www.vupen.com/english/advisories/2007/4141http://www.securityfocus.com/archive/1/484781/100/0/threadedhttp://www.securityfocus.com/archive/1/484832/100/100/threadedhttp://www.securityfocus.com/bid/26774http://www.securitytracker.com/id?1019064http://www.vupen.com/english/advisories/2007/4141
2007-12-17
Published