CVE-2007-4938
CVE-2007-4938
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/30578unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://osvdb.org/45940http://secunia.com/advisories/27016http://securityreason.com/securityalert/3144https://exchange.xforce.ibmcloud.com/vulnerabilities/36581http://www.mandriva.com/security/advisories?name=MDKSA-2007:192http://www.securityfocus.com/archive/1/479222/100/0/threadedhttp://www.securityfocus.com/bid/25648http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt