Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1285

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-1285
Last Modified 10 Sep 2008 03:29:44
Published 10 Jan 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1285

Summary

Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream.

Vulnerable Systems

Application

  • Mplayer 0.90

  • Mplayer 0.91

  • Mplayer 0.92

  • Mplayer 0.92.1

  • Mplayer 1.0 Pre1

  • Mplayer 1.0 Pre2

  • Mplayer 1.0 Pre3

  • Mplayer 1.0 Pre3try2

  • Mplayer 1.0 Pre4

  • Mplayer 1.0 Pre5

  • Mplayer 1.0 Pre5try1


References

XF - mplayer-getdata-bo(18631)

MISC - http://tigger.uic.edu/~jlongs2/holes/mplayer.txt


Last Updated: 27 May 2016 10:38:58