CVE-2007-4938

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

7.6 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://osvdb.org/45940
http://secunia.com/advisories/27016 Vendor Advisory
http://securityreason.com/securityalert/3144
http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
http://www.securityfocus.com/archive/1/479222/100/0/threaded
http://www.securityfocus.com/bid/25648 Exploit
http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/36581
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_98:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*
OR cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*
cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2007-09-18 19:17

Updated : 2024-02-04 17:13

NVD link : CVE-2007-4938

Mitre link : CVE-2007-4938

CVE.ORG link : CVE-2007-4938

JSON object : View

Products Affected

santa_cruz_operation

  • sco_unix

hp

  • tru64
  • hp-ux

microsoft

  • windows_me
  • windows_2003_server
  • windows_nt
  • windows_xp
  • windows_2000
  • windows_98

mplayer

  • mplayer

sgi

  • irix

ibm

  • aix
  • os2

mandrakesoft

  • mandrake_linux

sun

  • solaris

linux

  • linux_kernel

apple

  • mac_os_x

windriver

  • bsdos
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer