CVE-2008-0485

Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
mplayermplayer
𝑥
≤ 1.02rc2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mplayer
bullseye
2:1.4+ds1-1+deb11u1
fixed
bookworm
2:1.5+svn38408-1
fixed
sid
2:1.5+svn38542-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mplayer
gutsy
Fixed 2:1.0~rc1-0ubuntu13.2
released
feisty
Fixed 2:1.0~rc1-0ubuntu9.3
released
edgy
Fixed 2:0.99+1.0pre8-0ubuntu8.3
released
dapper
Fixed 2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.2
released
Common Weakness Enumeration