Debian Mplayer vulnerabilities

49 known vulnerabilities affecting debian/mplayer.

Total CVEs
49
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL11HIGH3MEDIUM11LOW24

Vulnerabilities

Page 3 of 3
CVE-2005-1195LOWCVSS 7.52005
CVE-2005-1195 [HIGH] CVE-2005-1195: mplayer - Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP... Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie:
debian
CVE-2004-0386CRITICALCVSS 10.0PoCfixed in mplayer 1.0~pre6a-1 (bookworm)2004
CVE-2004-0386 [CRITICAL] CVE-2004-0386: mplayer - Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.... Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. Scope: local bookworm: resolved (fixed in 1.0~pre6a-1) bullseye: resolved (fixed in 1.0~pre6a-1) forky: resolved (fixed in 1.0~pre6a-1) sid: resolved (fixed in 1.0~pre6a-1) trixie: resolved (fixed in 1.0~p
debian
CVE-2004-1310CRITICALCVSS 10.0fixed in mplayer 1.0~pre6a-1 (bookworm)2004
CVE-2004-1310 [CRITICAL] CVE-2004-1310: mplayer - Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlaye... Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. Scope: local bookworm: resolved (fixed in 1.0~pre6a-1) bullseye: resolved (fixed in 1.0~pre6a-1) forky: resolved (fixed in 1.0~pre6a-1) sid: resolved (fixed in 1.0~pre6a-1) trixie: resolved (fix
debian
CVE-2004-1311CRITICALCVSS 10.0fixed in mplayer 1.0~pre6a-1 (bookworm)2004
CVE-2004-1311 [CRITICAL] CVE-2004-1311: mplayer - Integer overflow in the real_setup_and_get_header function in real.c for Unix MP... Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 1.0~pre
debian
CVE-2004-1309CRITICALCVSS 10.0fixed in mplayer 1.0~pre6a-1 (bookworm)2004
CVE-2004-1309 [CRITICAL] CVE-2004-1309: mplayer - Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Uni... Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a bitmap (BMP) file containing a large biClrUsed field. Scope: local bookworm: resolved (fixed in 1.0~pre6a-1) bullseye: resolved (fixed in 1.0~pre6a-1) forky: resolved (fixed in 1.0~pre6a-1) sid: resolved (fixed i
debian
CVE-2004-0433CRITICALCVSS 10.0fixed in mplayer 1.0~pre6a-1 (bookworm)2004
CVE-2004-0433 [CRITICAL] CVE-2004-0433: mplayer - Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for ... Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Trans
debian
CVE-2004-1188LOWCVSS 10.02004
CVE-2004-1188 [CRITICAL] CVE-2004-1188: mplayer - The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such a... The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a diff
debian
CVE-2004-0659LOWCVSS 10.0PoC2004
CVE-2004-0659 [CRITICAL] CVE-2004-0659: mplayer - Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remo... Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
CVE-2004-1187LOWCVSS 10.02004
CVE-2004-1187 [CRITICAL] CVE-2004-1187: mplayer - Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and ot... Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved
debian
← Previous3 / 3