CVE-2007-4938

NONE EPSS 96.5%
Published Sep 18, 200718y ago · Modified Jun 16, 20262w ago
Find Similar
Published Sep 18, 2007 18y ago
Last Modified Jun 16, 2026 2w ago

Description

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

Threat Intelligence

EPSS Exploit Probability
96.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 21

VendorProductVersionRange
applemac_os_x*any
hphp-ux*any
hptru64*any
ibmaix*any
ibmos2*any
linuxlinux_kernel*any
mandrakesoftmandrake_linux2007any
mandrakesoftmandrake_linux2007any
mandrakesoftmandrake_linux2007.1any
mandrakesoftmandrake_linux2007.1any
microsoftwindows_2000*any
microsoftwindows_2003_server*any
microsoftwindows_98*any
microsoftwindows_me*any
microsoftwindows_nt4.0any
microsoftwindows_xp*any
santa_cruz_operationsco_unix*any
sunsolaris*any
windriverbsdos*any
mplayermplayer1.0_rc1any
sgiirix*any

References 8

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.