Filtered by vendor Mplayer
Subscriptions
Filtered by product Mplayer
Subscriptions
Total
32 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | ||||
| CVE-2005-1195 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code. | ||||
| CVE-2005-2718 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk. | ||||
| CVE-2006-0579 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2004-1310 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet. | ||||
| CVE-2004-1311 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. | ||||
| CVE-2004-0659 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long file name. | ||||
| CVE-2003-0835 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. | ||||
| CVE-2004-0386 | 3 Gentoo, Mandrakesoft, Mplayer | 3 Linux, Mandrake Linux, Mplayer | 2025-04-03 | N/A |
| Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. | ||||
| CVE-2006-1502 | 1 Mplayer | 1 Mplayer | 2025-04-03 | N/A |
| Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c. | ||||
| CVE-2004-1187 | 3 Mandrakesoft, Mplayer, Xine | 4 Mandrake Linux, Mplayer, Xine and 1 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188. | ||||
| CVE-2004-0433 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2025-04-03 | N/A |
| Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets. | ||||