| ID |
CVE-2006-1502
|
| Summary |
Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 5.1 (as of 18-10-2018 - 16:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
| refmap
via4
|
| bid | 17295 | | bugtraq | 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows | | fulldisc | 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows | | gentoo | GLSA-200605-01 | | mandriva | MDKSA-2006:068 | | misc | http://www.xfocus.org/advisories/200603/11.html | | osvdb | | | sectrack | 1015842 | | secunia | | | sreason | | | vupen | ADV-2006-1156 | | xf | - mplayer-asfheader-integer-overflow(25513)
- mplayer-aviheader-integer-overflow(25514)
|
|
| Last major update |
18-10-2018 - 16:32 |
| Published |
30-03-2006 - 00:06 |
| Last modified |
18-10-2018 - 16:32 |
