header-logo
Suggest Exploit
vendor:
MPlayer
by:
Unknown
7.5
CVSS
HIGH
Heap-based Buffer Overflow
119
CWE
Product Name: MPlayer
Affected Version From: MPlayer 1.0rc1
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:mplayer_project:mplayer:1.0rc1
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Heap-based Buffer Overflow in MPlayer

MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed attacks will result in denial-of-service conditions.

Mitigation:

No known mitigation or remediation for this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25648/info

MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data.

Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed attacks will result in denial-of-service conditions.

MPlayer 1.0rc1 is vulnerable; other versions may also be affected.

NOTE: The vendor states that this issue is present only on operating systems with a 'calloc' implementation that is prone to an integer-overflow issue. 

The following proof-of-concept AVI header data is available:
69 6E 64 78 00 FF FF FF 01 11 64 73 20 00 00 10

indx truck size 0xffffff00
wLongsPerEntry 0x0001
BIndexSubType is 0x64
bIndexType is 0x73
nEntriesInuse is 0x10000020

Navigation

Suggest Exploit

Services By CQR