CVE-2007-4938

Description

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

Related CPE's

omicrosoftwindows_nt4.0*******

osanta_cruz_operationsco_unix********

omandrakesoftmandrake_linux2007*x86_64*****

omicrosoftwindows_2000********

olinuxlinux_kernel********

owindriverbsdos********

oibmaix********

oibmos2********

omandrakesoftmandrake_linux2007.1*x86_64*****

osunsolaris********

References

http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt

Exploit

25648

Exploit

MDKSA-2007:192

27016

Vendor Advisory

3144

45940

mplayer-avi-file-bo(36581)

20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:H/Au:N/C:C/I:C/A:C

AccessVector

NETWORK

AccessComplexity

HIGH

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

7.599999904632568

Created by Yello
About Severity.io