Filtered by vendor Mplayerhq
Subscribe
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2162 | 3 Ffmpeg, Mandriva, Mplayerhq | 5 Ffmpeg, Corporate Server, Enterprise Server and 2 more | 2024-11-21 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." | |||||
CVE-2011-2160 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2024-11-21 | 9.3 HIGH | N/A |
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723. | |||||
CVE-2011-0722 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2024-11-21 | 6.8 MEDIUM | N/A |
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. | |||||
CVE-2010-3908 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2024-11-21 | 6.8 MEDIUM | N/A |
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file. | |||||
CVE-2010-3429 | 2 Ffmpeg, Mplayerhq | 3 Ffmpeg, Libavcodec, Mplayer | 2024-11-21 | 6.8 MEDIUM | N/A |
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability." | |||||
CVE-2022-32317 | 1 Mplayerhq | 1 Mplayer | 2024-08-03 | 4.3 MEDIUM | 5.5 MEDIUM |
The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file. The device=strdup statement is not executed on every call. Note: This has been disputed by third parties as invalid and not reproduceable. |