Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.
References
Link | Resource |
---|---|
https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html | Mailing List Third Party Advisory |
https://trac.mplayerhq.hu/ticket/2406 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
17 Jan 2023, 19:43
Type | Values Removed | Values Added |
---|---|---|
First Time |
Debian
Debian debian Linux |
|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/12/msg00042.html - Mailing List, Third Party Advisory |
31 Dec 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Sep 2022, 19:04
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
19 Sep 2022, 17:53
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://trac.mplayerhq.hu/ticket/2406 - Exploit, Issue Tracking, Third Party Advisory | |
CPE | cpe:2.3:a:mplayerhq:mencoder:svn-r38374-13.0.1:*:*:*:*:*:*:* cpe:2.3:a:mplayerhq:mplayer:svn-r38374-13.0.1:*:*:*:*:*:*:* |
|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Mplayerhq mplayer
Mplayerhq Mplayerhq mencoder |
15 Sep 2022, 15:29
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-15 15:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-38864
Mitre link : CVE-2022-38864
CVE.ORG link : CVE-2022-38864
JSON object : View
Products Affected
mplayerhq
- mencoder
- mplayer
debian
- debian_linux
CWE
CWE-787
Out-of-bounds Write