← volver
CVE-2007-4938

CVE-2007-4938

EPSS 16.0%
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/30578no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://osvdb.org/45940http://secunia.com/advisories/27016http://securityreason.com/securityalert/3144https://exchange.xforce.ibmcloud.com/vulnerabilities/36581http://www.mandriva.com/security/advisories?name=MDKSA-2007:192http://www.securityfocus.com/archive/1/479222/100/0/threadedhttp://www.securityfocus.com/bid/25648http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt