CVE-2008-5616

Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.

Link	Resource
http://trapkit.de/advisories/TKADV2008-014.txt
http://secunia.com/advisories/33136	Vendor Advisory
http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?r1=24723&r2=28150&pathrev=28150
http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?view=log&pathrev=28150#rev28150
http://www.securityfocus.com/bid/32822
http://www.mandriva.com/security/advisories?name=MDVSA-2009:014
http://www.mandriva.com/security/advisories?name=MDVSA-2009:013
http://www.debian.org/security/2009/dsa-1782
http://secunia.com/advisories/34845
http://www.securityfocus.com/archive/1/499214/100/0/threaded

Configuration 1

cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre7try2:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre7:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre6:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:* cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:*

---

Published : 2008-12-17 01:30

Updated : 2018-10-11 08:56

---

NVD link : CVE-2008-5616

Mitre link : CVE-2008-5616

No products.

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer