Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matroska demuxer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1161
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib prior to 1.1.10.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
Matroska Demuxer
9.8
CVSSv3
CVE-2019-12874
An issue exists in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x up to and including 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Videolan Vlc Media Player
NA
CVE-2010-1442
VideoLAN VLC media player prior to 1.0.6 allows remote malicious users to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer.
Videolan Vlc Media Player 0.9.2
Videolan Vlc Media Player 0.9.10
Videolan Vlc Media Player 0.9.1
Videolan Vlc Media Player 0.9.0
Videolan Vlc Media Player 0.8.4
Videolan Vlc Media Player 0.8.2
Videolan Vlc Media Player 0.8.1337
Videolan Vlc Media Player 0.8.1
Videolan Vlc Media Player 0.8.0
Videolan Vlc Media Player
Videolan Vlc Media Player 1.0.3
Videolan Vlc Media Player 0.9.6
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 0.8.6h
Videolan Vlc Media Player 0.8.6f
Videolan Vlc Media Player 0.8.6a
Videolan Vlc Media Player 0.8.5
Videolan Vlc Media Player 0.7.2
Videolan Vlc Media Player 0.7.0
Videolan Vlc Media Player 0.5.0
Videolan Vlc Media Player 1.0.1
Videolan Vlc Media Player 1.0.0
NA
CVE-2008-1878
Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.
Xine Xine-lib 1.1.9
Xine Xine-lib
Xine Xine-lib 1.1.0
Xine Xine-lib 1.1.1
Xine Xine-lib 1.1.10
Xine Xine-lib 1.1.10.1
Xine Xine-lib 1.1.11
Xine Xine-lib 1.1.11.1
1 EDB exploit
NA
CVE-2011-0531
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and previous versions allows remote malicious users to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, rela...
Videolan Vlc Media Player 1.1.3
Videolan Vlc Media Player 0.7.2
Videolan Vlc Media Player 0.5.0
Videolan Vlc Media Player 0.2.62
Videolan Vlc Media Player 0.4.0
Videolan Vlc Media Player 0.1.99e
Videolan Vlc Media Player 1.0.3
Videolan Vlc Media Player 0.8.0
Videolan Vlc Media Player 0.1.99g
Videolan Vlc Media Player 0.2.70
Videolan Vlc Media Player 0.4.3
Videolan Vlc Media Player 0.9.4
Videolan Vlc Media Player 1.1.4
Videolan Vlc Media Player 0.8.5
Videolan Vlc Media Player 0.6.2
Videolan Vlc Media Player 0.2.61
Videolan Vlc Media Player 0.9.10
Videolan Vlc Media Player 0.2.71
Videolan Vlc Media Player
Videolan Vlc Media Player 1.1.5
Videolan Vlc Media Player 0.2.83
Videolan Vlc Media Player 0.8.4
1 EDB exploit
NA
CVE-2007-1246
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbi...
Mplayer Mplayer
NA
CVE-2007-1387
The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a...
Mplayer Mplayer
NA
CVE-2008-0073
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
Xine Xine-lib 1.1.10.1
1 EDB exploit
NA
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
NA
CVE-2008-1482
Multiple integer overflows in xine-lib 1.1.11 and previous versions allow remote malicious users to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, wh...
Xine Xine-lib 1.1.11
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »