CVE-2008-3827

NONE EPSS 95.3%
Published Sep 29, 200817y ago · Modified Jun 16, 20262w ago
Find Similar
Published Sep 29, 2008 17y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.

Threat Intelligence

EPSS Exploit Probability
95.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-189

Affected Products 21

VendorProductVersionRange
mplayermplayer* ≤1.0_rc2
mplayermplayer0.90any
mplayermplayer0.90_preany
mplayermplayer0.90_rcany
mplayermplayer0.90_rc4any
mplayermplayer0.91any
mplayermplayer0.92any
mplayermplayer0.92.1any
mplayermplayer0.92_cvsany
mplayermplayer1.0_pre1any
mplayermplayer1.0_pre2any
mplayermplayer1.0_pre3any
mplayermplayer1.0_pre3try2any
mplayermplayer1.0_pre4any
mplayermplayer1.0_pre5any
mplayermplayer1.0_pre5try1any
mplayermplayer1.0_pre5try2any
mplayermplayer1.0_pre6any
mplayermplayer1.0_pre7any
mplayermplayer1.0_pre7try2any
mplayermplayer1.0_rc1any

References 11

Remediation

  • ocert.org http://www.ocert.org/advisories/ocert-2008-013.html
    Patch