VYPR

Mplayer

by MPlayer

CVEs (56)

  • CVE-2022-38863Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

  • CVE-2022-38861Sep 15, 2022
    risk 0.00cvss epss 0.00

    The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.

  • CVE-2022-38866Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38864Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

  • CVE-2022-38855Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38858Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-38860Sep 15, 2022
    risk 0.00cvss epss 0.00

    Certain The MPlayer Project products are vulnerable to Divide By Zero via function demux_open_avi() of libmpdemux/demux_avi.c which affects mencoder. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

  • CVE-2022-32317Jul 14, 2022
    risk 0.00cvss epss 0.01

    The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call.…

  • CVE-2010-2062Dec 26, 2014
    risk 0.00cvss epss 0.04

    Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an…

  • CVE-2011-2162May 20, 2011
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors,…

  • CVE-2011-2161May 20, 2011
    risk 0.00cvss epss 0.01

    The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header…

  • CVE-2011-2160May 20, 2011
    risk 0.00cvss epss 0.02

    The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723.

  • CVE-2011-0723May 20, 2011
    risk 0.00cvss epss 0.04

    FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.

  • CVE-2011-0722May 20, 2011
    risk 0.00cvss epss 0.04

    FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.

  • CVE-2010-3908May 20, 2011
    risk 0.00cvss epss 0.03

    FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.

  • CVE-2010-3429Sep 30, 2010
    risk 0.00cvss epss 0.04

    flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."

  • CVE-2008-4869Nov 1, 2008
    risk 0.00cvss epss 0.02

    FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."

  • CVE-2007-6718Oct 20, 2008
    risk 0.00cvss epss 0.01

    MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as…

  • CVE-2008-0629Feb 6, 2008
    risk 0.00cvss epss 0.03

    Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.

  • CVE-2008-0630Feb 6, 2008
    risk 0.00cvss epss 0.04

    Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.