CVE-2006-0579

2006-02-0801:02:00

Debian Security Bug Tracker

security-tracker.debian.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.146

Percentile

95.8%

JSON

Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.

OSVersionArchitecturePackageVersionFilename
Debian12allmplayer< 2:1.5+svn38408-1mplayer_2:1.5+svn38408-1_all.deb
Debian11allmplayer< 2:1.4+ds1-1+deb11u1mplayer_2:1.4+ds1-1+deb11u1_all.deb
Debian999allmplayer< 2:1.5+svn38542-1mplayer_2:1.5+svn38542-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	mplayer	< 2:1.5+svn38408-1	mplayer_2:1.5+svn38408-1_all.deb
Debian	11	all	mplayer	< 2:1.4+ds1-1+deb11u1	mplayer_2:1.4+ds1-1+deb11u1_all.deb
Debian	999	all	mplayer	< 2:1.5+svn38542-1	mplayer_2:1.5+svn38542-1_all.deb