Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0485

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0485
Last Modified 07 Mar 2011 10:04:47
Published 05 Feb 2008 07:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0485

Summary

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.

Vulnerable Systems

Application

  • Mplayer 1.02rc2


References

VUPEN - ADV-2008-0406

BID - 27499

BUGTRAQ - 20080204 CORE-2008-0122: MPlayer arbitrary pointer dereference

SECTRACK - 1019299

CONFIRM - http://www.mplayerhq.hu/design7/news.html

MANDRIVA - MDVSA-2008:045

DEBIAN - DSA-1496

MISC - http://www.coresecurity.com/?action=item&id=2102

SREASON - 3607

GENTOO - GLSA-200803-16

SECUNIA - 29307

SECUNIA - 28956

SECUNIA - 28955

SECUNIA - 28779


Last Updated: 27 May 2016 10:46:49