Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.6
CVSSv2

CVE-2007-1246

Published: 03/03/2007 Updated: 16/10/2018
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Subscribe to Mplayer

Vulnerability Summary

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.

Vulnerable Product Search on Vulmon Subscribe to Product

mplayer mplayer

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2007-1246: DMO decoder heap allocation overflow
Debian Bug report logs - #414072 CVE-2007-1246: DMO decoder heap allocation overflow Package: xine-lib; Maintainer for xine-lib is (unknown); Reported by: Kees Cook <kees@outfluxnet> Date: Fri, 9 Mar 2007 01:51:02 UTC Severity: grave Tags: patch, security Found in version 112+dfsg-2 Fixed in version xine-lib/112+dfs ...
Ubuntu Security Notice: xine-lib vulnerability
Moritz Jodeit discovered that the DMO loader of Xine did not correctly validate the size of an allocated buffer By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user’s privileges ...
Debian Security Advisories: DSA-1536-1 libxine -- several vulnerabilities
Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1246 / CVE-2007-1387 The DMO_VideoDecoder_Open ...

References

CWE-119http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.c?r1=22019&r2=22204http://svn.mplayerhq.hu/mplayer/trunk/loader/dmo/DMO_VideoDecoder.chttp://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052738.htmlhttp://www.ubuntu.com/usn/usn-433-1http://www.securityfocus.com/bid/22771http://secunia.com/advisories/24448http://secunia.com/advisories/24462http://secunia.com/advisories/24444http://secunia.com/advisories/24446http://www.novell.com/linux/security/advisories/2007_5_sr.htmlhttp://security.gentoo.org/glsa/glsa-200704-09.xmlhttp://secunia.com/advisories/24897http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.449141http://www.novell.com/linux/security/advisories/2007_007_suse.htmlhttp://secunia.com/advisories/24995http://secunia.com/advisories/24866http://security.gentoo.org/glsa/glsa-200705-21.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:055http://www.mandriva.com/security/advisories?name=MDKSA-2007:057http://secunia.com/advisories/25462http://secunia.com/advisories/24443http://www.debian.org/security/2008/dsa-1536http://secunia.com/advisories/29601http://www.vupen.com/english/advisories/2007/0794https://exchange.xforce.ibmcloud.com/vulnerabilities/32747http://www.securityfocus.com/archive/1/466691/30/6900/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414072https://usn.ubuntu.com/433-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028memory leaklog injectionCVE-2024-3400CVE-2022-48695CVE-2022-48675CVE-2024-34487CVE-2024-33792spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook