Mplayerhq Mplayer vulnerabilities

CVE-2022-38862 [HIGH] CWE-787 CVE-2022-38862: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/ Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38600 [MEDIUM] CWE-401 CVE-2022-38600: Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c. Mplayer SVN-r38374-13.0.1 is vulnerable to Memory Leak via vf.c and vf_vo.c.

CVE-2022-38863 [MEDIUM] CWE-787 CVE-2022-38863: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

CVE-2022-38866 [MEDIUM] CWE-787 CVE-2022-38866: Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libm Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38855 [MEDIUM] CWE-787 CVE-2022-38855: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38851 [MEDIUM] CWE-125 CVE-2022-38851: Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_rec Certain The MPlayer Project products are vulnerable to Out-of-bounds Read via function read_meta_record() of mplayer/libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38858 [MEDIUM] CWE-787 CVE-2022-38858: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index( Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38856 [MEDIUM] CWE-787 CVE-2022-38856: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index( Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38853 [MEDIUM] CWE-787 CVE-2022-38853: Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_s Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38865 [MEDIUM] CWE-369 CVE-2022-38865: Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_rea Certain The MPlayer Project products are vulnerable to Divide By Zero via the function demux_avi_read_packet of libmpdemux/demux_avi.c. This affects mplyer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-38861 [MEDIUM] CWE-787 CVE-2022-38861: The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_m The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.

CVE-2022-38864 [MEDIUM] CWE-787 CVE-2022-38864: Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape0 Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

CVE-2022-38860 [MEDIUM] CWE-369 CVE-2022-38860: Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVE-2022-32317 [MEDIUM] CWE-416 CVE-2022-32317: The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reprodu

CVE-2011-2162 [CRITICAL] CVE-2011-2162: Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."

CVE-2010-3429 [MEDIUM] CWE-94 CVE-2010-3429: flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows r flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."