Mplayer: >> Mplayer >> 1.02rc2 Security Vulnerabilities
Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title.
CVSS Score
4.3
EPSS Score
0.027
Published
2008-02-06
Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.
CVSS Score
6.8
EPSS Score
0.07
Published
2008-02-06
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
CVSS Score
7.5
EPSS Score
0.046
Published
2008-02-05