CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
95.8%
Multiple integer overflows in (1) the new_demux_packet function in
demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in
MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary
code via an ASF file with a large packet length value. NOTE: the provenance
of this information is unknown; portions of the details are obtained from
third party information.