Published: 06/02/2008 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted malicious users to execute arbitrary code via a CDDB database entry containing a long album title.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mplayer mplayer 1.02rc2

Debian Bug report logs - #464533 mplayer: CVE-2008-0629 buffer overflow via crafted cddb title Package: mplayer; Maintainer for mplayer is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for mplayer is src:mplayer (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 7 ...

Debian Bug report logs - #464060 CVE-2008-0485/-0486: Vulnerabilities in mplayer Package: mplayer; Maintainer for mplayer is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for mplayer is src:mplayer (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Mon, 4 Feb 2008 2 ...

Debian Bug report logs - #464532 mplayer: CVE-2008-0630 buffer overflow via crafted url Package: mplayer; Maintainer for mplayer is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for mplayer is src:mplayer (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 7 Feb 20 ...

CWE-119 http://www.mplayerhq.hu/design7/news.html http://www.debian.org/security/2008/dsa-1496 http://www.securityfocus.com/bid/27765 http://secunia.com/advisories/28956 http://www.mandriva.com/security/advisories?name=MDVSA-2008:045 http://secunia.com/advisories/28955 http://security.gentoo.org/glsa/glsa-200803-16.xml http://secunia.com/advisories/29307 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=464533

CVE-2008-0629

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect