CVE-2007-6718

NONE EPSS 71.2%
Published Oct 20, 200817y ago · Modified Jun 16, 20262w ago
Find Similar
Published Oct 20, 2008 17y ago
Last Modified Jun 16, 2026 2w ago

Description

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as demonstrated by lol-mplayer.aac. NOTE: vector 5 might overlap CVE-2007-4938, and vector 6 might overlap CVE-2008-0486.

Threat Intelligence

EPSS Exploit Probability
71.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 20

VendorProductVersionRange
mplayermplayer* ≤1.0_rc1
mplayermplayer0.90any
mplayermplayer0.90_preany
mplayermplayer0.90_rcany
mplayermplayer0.90_rc4any
mplayermplayer0.91any
mplayermplayer0.92any
mplayermplayer0.92.1any
mplayermplayer0.92_cvsany
mplayermplayer1.0_pre1any
mplayermplayer1.0_pre2any
mplayermplayer1.0_pre3any
mplayermplayer1.0_pre3try2any
mplayermplayer1.0_pre4any
mplayermplayer1.0_pre5any
mplayermplayer1.0_pre5try1any
mplayermplayer1.0_pre5try2any
mplayermplayer1.0_pre6any
mplayermplayer1.0_pre7any
mplayermplayer1.0_pre7try2any

References 2

  • sam.zoy.org http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
  • openwall.com http://www.openwall.com/lists/oss-security/2008/10/07/1

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.