CVE-2008-0629 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mplayer

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

2.7%

top 14.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mplayer Debian Mplayer

Timeline

PublishedFeb 6

Latest updateMay 1

Description

Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/mplayer< mplayer 1.0~rc2-8 (bookworm)

▶Debianmplayer/mplayer< 1.0~rc2-8+3

▶NVDmplayer/mplayer1.02rc2

🔴Vulnerability Details

GHSA

GHSA-f6qx-7qq9-x6fq: Buffer overflow in stream_cddb↗2022-05-01

▶

OSV

CVE-2008-0629: Buffer overflow in stream_cddb↗2008-02-06

▶

📋Vendor Advisories

Debian

CVE-2008-0629: mplayer - Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows ...↗2008

▶