Published: 04/05/2004 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and previous versions, 0.90, and 0.91 allows remote malicious users to execute arbitrary code via a long Location header.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mplayer mplayer 0.90_pre
mplayer mplayer 0.90_rc
mplayer mplayer 0.90
mplayer mplayer 0.91
mplayer mplayer 1.0_pre1
mplayer mplayer 1.0_pre2
mplayer mplayer 1.0_pre3
gentoo linux 0.7
gentoo linux 1.1a
gentoo linux 0.5
gentoo linux 1.4
mandrakesoft mandrake linux 10.0
mandrakesoft mandrake linux 9.2
gentoo linux 1.2

source: wwwsecurityfocuscom/bid/10008/info It has been reported that MPlayer is prone to a remote HTTP header buffer overflow vulnerability This issue is due to a failure of the application to properly verify buffer bounds on the 'Location' HTTP header during parsing Successful exploitation would immediately produce a denial of service ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/359025 http://www.mplayerhq.hu/homepage/design6/news.html http://security.gentoo.org/glsa/glsa-200403-13.xml http://www.kb.cert.org/vuls/id/723910 http://www.securityfocus.com/bid/10008 http://secunia.com/advisories/11259 http://www.mandriva.com/security/advisories?name=MDKSA-2004:026 http://marc.info/?l=bugtraq&m=108067020624076&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15675 https://nvd.nist.gov https://www.exploit-db.com/exploits/23896/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0386

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect