CVE 2008-3827
Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.
Related bugs and status
CVE-2008-3827 (Candidate) is related to these bugs:
Bug #212601: [CVE-2008-1558] arbitrary code execution via uncontrolled array index
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu) | Undecided | Fix Released | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu Dapper) | Undecided | Fix Released | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu Edgy) | Undecided | Won't Fix | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu Feisty) | Undecided | Won't Fix | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu Gutsy) | Undecided | Fix Released | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Ubuntu Hardy) | Undecided | Fix Released | ||
212601 | [CVE-2008-1558] arbitrary code execution via uncontrolled array index | mplayer (Debian) | Unknown | Fix Released |
Bug #279030: [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
279030 | [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service | mplayer (Ubuntu) | Medium | Fix Released | ||
279030 | [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service | mplayer (Ubuntu Dapper) | Medium | Fix Released | ||
279030 | [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service | mplayer (Ubuntu Gutsy) | Medium | Fix Released | ||
279030 | [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service | mplayer (Ubuntu Hardy) | Medium | Fix Released | ||
279030 | [CVE-2008-3827] Multiple integer underflows in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service | mplayer (Ubuntu Intrepid) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.