CVE-2008-3827

EPSS 3.6%

mplayer - integer overflows

Published: 9/29/2008Modified: 3/9/2026

Also known as:DSA-1644-1DEBIAN-CVE-2008-3827

Description

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.

Affected packages (3)

Debian/mplayerfrom 0, < 1.0~rc2-18
Debian/mplayerfrom 0, < 1.0~rc1-12etch5
Debian/mplayerfrom 0, < 1.0~rc2-17+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-3827