CVE-2008-0630
NONE EPSS 88.9%
Published Feb 6, 200818y ago · Modified Jun 16, 20262w ago
Published Feb 6, 2008 18y ago
Last Modified Jun 16, 2026 2w ago
Description
Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code.
Threat Intelligence
EPSS Exploit Probability
88.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| mplayer | mplayer | 1.02rc2 | any |
References 8
- secunia.com http://secunia.com/advisories/28955
- secunia.com http://secunia.com/advisories/28956
- secunia.com http://secunia.com/advisories/29307
- security.gentoo.org http://security.gentoo.org/glsa/glsa-200803-16.xml
- debian.org http://www.debian.org/security/2008/dsa-1496
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2008:045
- mplayerhq.hu http://www.mplayerhq.hu/design7/news.html
- securityfocus.com http://www.securityfocus.com/bid/27766
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.