Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2008-3827

Published: Sep 29, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2008-3827
CWEhttps://cwe.mitre.org/data/definitions/189.html

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.

Affected Software

Name Vendor Start Version End Version
Mplayer Mplayer 0.92 0.92
Mplayer Mplayer 1.0_pre2 1.0_pre2
Mplayer Mplayer 0.90 0.90
Mplayer Mplayer 1.0_pre1 1.0_pre1
Mplayer Mplayer 0.90_rc 0.90_rc
Mplayer Mplayer 1.0_pre5try2 1.0_pre5try2
Mplayer Mplayer 1.0_rc1 1.0_rc1
Mplayer Mplayer 0.92.1 0.92.1
Mplayer Mplayer 1.0_pre3 1.0_pre3
Mplayer Mplayer 1.0_pre7try2 1.0_pre7try2
Mplayer Mplayer 0.92_cvs 0.92_cvs
Mplayer Mplayer 1.0_pre5 1.0_pre5
Mplayer Mplayer 0.91 0.91
Mplayer Mplayer 1.0_pre5try1 1.0_pre5try1
Mplayer Mplayer 1.0_pre3try2 1.0_pre3try2
Mplayer Mplayer 1.0_pre7 1.0_pre7
Mplayer Mplayer 1.0_pre6 1.0_pre6
Mplayer Mplayer * 1.0_rc2
Mplayer Mplayer 0.90_pre 0.90_pre
Mplayer Mplayer 0.90_rc4 0.90_rc4
Mplayer Mplayer 1.0_pre4 1.0_pre4

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2023 Aqua Security Software Ltd.   Privacy Policy | Terms of Use