1. CVE-Search
  2. CVE-2003-0835
ID CVE-2003-0835
Summary Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.
References
Vulnerable Configurations
  • cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:*
  • cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:*
  • cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:*
  • cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:*
  • cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:*
    cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2016 - 02:37)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq
  • 20030925 MPlayer Security Advisory #01: Remotely exploitable buffer overflow
  • 20030926 Mplayer Buffer Overflow
  • 20030929 GLSA: media-video/mplayer (200309-15)
conectiva CLA-2003:760
confirm http://www.mplayerhq.hu/homepage/design6/news.html
Last major update 18-10-2016 - 02:37
Published 17-11-2003 - 05:00
Last modified 18-10-2016 - 02:37
Back to Top