Vulnerability Details CVE-2008-4610
MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.2%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2008-4610
-
cpe:2.3:a:mplayer:mplayer:*
-
cpe:2.3:a:mplayer:mplayer:0.90
-
cpe:2.3:a:mplayer:mplayer:0.90_pre
-
cpe:2.3:a:mplayer:mplayer:0.90_rc
-
cpe:2.3:a:mplayer:mplayer:0.90_rc4
-
cpe:2.3:a:mplayer:mplayer:0.91
-
cpe:2.3:a:mplayer:mplayer:0.92
-
cpe:2.3:a:mplayer:mplayer:0.92.1
-
cpe:2.3:a:mplayer:mplayer:0.92_cvs
-
cpe:2.3:a:mplayer:mplayer:1.0_pre1
-
cpe:2.3:a:mplayer:mplayer:1.0_pre2
-
cpe:2.3:a:mplayer:mplayer:1.0_pre3
-
cpe:2.3:a:mplayer:mplayer:1.0_pre3try2
-
cpe:2.3:a:mplayer:mplayer:1.0_pre4
-
cpe:2.3:a:mplayer:mplayer:1.0_pre5
-
cpe:2.3:a:mplayer:mplayer:1.0_pre5try1
-
cpe:2.3:a:mplayer:mplayer:1.0_pre5try2
-
cpe:2.3:a:mplayer:mplayer:1.0_pre6
-
cpe:2.3:a:mplayer:mplayer:1.0_pre7
-
cpe:2.3:a:mplayer:mplayer:1.0_pre7try2