CVE-2008-0486

EPSS 4.9%

Published: 2/5/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-0486

Description

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

Affected packages (1)

Debian/mplayerfrom 0, < 1.0~rc2-8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0486