Search CVE reports
51 – 60 of 73 results
Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.
1 affected package
mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mplayer | — | — | — | — |
FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak."
2 affected packages
ffmpeg, mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
| mplayer | — | — | — | — |
Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."
6 affected packages
ffmpeg, ffmpeg-debian, gstreamer0.10-ffmpeg, kino, mplayer, xmovie
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
| ffmpeg-debian | — | — | — | — |
| gstreamer0.10-ffmpeg | — | — | — | — |
| kino | — | — | — | — |
| mplayer | — | — | — | — |
| xmovie | — | — | — | — |
Some fixes available 3 of 14
Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.
6 affected packages
ffmpeg, ffmpeg-debian, gstreamer0.10-ffmpeg, kino, mplayer, xmovie
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
| ffmpeg-debian | — | — | — | — |
| gstreamer0.10-ffmpeg | — | — | — | — |
| kino | — | — | — | — |
| mplayer | — | — | — | — |
| xmovie | — | — | — | — |
Some fixes available 1 of 12
Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay...
6 affected packages
ffmpeg, ffmpeg-debian, gstreamer0.10-ffmpeg, kino, mplayer, xmovie
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
| ffmpeg-debian | — | — | — | — |
| gstreamer0.10-ffmpeg | — | — | — | — |
| kino | — | — | — | — |
| mplayer | — | — | — | — |
| xmovie | — | — | — | — |
MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by...
1 affected package
mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mplayer | — | — | — | — |
Some fixes available 3 of 14
MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different...
3 affected packages
ffmpeg, ffmpeg-debian, mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
| ffmpeg-debian | — | — | — | — |
| mplayer | — | — | — | — |
Some fixes available 3 of 4
Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file...
1 affected package
mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mplayer | — | — | — | — |
Some fixes available 3 of 5
Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue...
1 affected package
mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mplayer | — | — | — | — |
Some fixes available 11 of 24
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
3 affected packages
mplayer, vlc, xine-lib
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| mplayer | — | — | — | — |
| vlc | — | — | — | — |
| xine-lib | — | — | — | — |