cvelistv5 - cve-2007-4938

CVE-2007-4938 (GCVE-0-2007-4938)

Vulnerability from cvelistv5

Published

2007-09-18 19:00

Modified

2024-08-07 15:17

Severity ?

CWE

Summary

References

URL

Tags

cve@mitre.org	http://osvdb.org/45940
cve@mitre.org	http://secunia.com/advisories/27016	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3144
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
cve@mitre.org	http://www.securityfocus.com/archive/1/479222/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/25648	Exploit
cve@mitre.org	http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36581
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/45940
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27016	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3144
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/479222/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25648	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36581

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:17:27.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "25648",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25648"
          },
          {
            "name": "3144",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3144"
          },
          {
            "name": "mplayer-avi-file-bo(36581)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
          },
          {
            "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
          },
          {
            "name": "27016",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27016"
          },
          {
            "name": "45940",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/45940"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
          },
          {
            "name": "MDKSA-2007:192",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "25648",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25648"
        },
        {
          "name": "3144",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3144"
        },
        {
          "name": "mplayer-avi-file-bo(36581)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
        },
        {
          "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
        },
        {
          "name": "27016",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27016"
        },
        {
          "name": "45940",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/45940"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
        },
        {
          "name": "MDKSA-2007:192",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4938",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "25648",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25648"
            },
            {
              "name": "3144",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3144"
            },
            {
              "name": "mplayer-avi-file-bo(36581)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
            },
            {
              "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
            },
            {
              "name": "27016",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27016"
            },
            {
              "name": "45940",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/45940"
            },
            {
              "name": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt",
              "refsource": "MISC",
              "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
            },
            {
              "name": "MDKSA-2007:192",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4938",
    "datePublished": "2007-09-18T19:00:00",
    "dateReserved": "2007-09-18T00:00:00",
    "dateUpdated": "2024-08-07T15:17:27.081Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-4938\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-09-18T19:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \\\"indx truck size\\\" and nEntriesInuse values, and a certain wLongsPerEntry value.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .avi con cierto \\\"tama\u00f1o indx tratado\\\" y valores nEntriesInuse, y un cierto valor wLongsPerEntry.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:C/I:C/A:C\",\"baseScore\":7.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":4.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61A4F116-1FEE-450E-99AE-6AD9ACDDE570\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE64F3F-48F6-493F-A81E-2B106FF73AC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD5511BD-2A41-4FF6-BD3F-9448F3F8AC90\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"155AD4FB-E527-4103-BCEF-801B653DEA37\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02362C25-B373-4FB1-AF4A-2AFC7F7D4387\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19D64247-F0A0-4984-84EA-B63FC901F002\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*\",\"matchCriteriaId\":\"316AA6EB-7191-479E-99D5-40DA79E340E7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_98:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD1B68C0-2676-4F21-8EF0-1749103CB8C2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"799DA395-C7F8-477C-8BC7-5B4B88FB7503\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E53CDA8E-50A8-4509-B070-CCA5604FFB21\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E61F1C9B-44AF-4B35-A7B2-948EEF7639BD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCBDA43-9C75-4B36-8C90-EF26B8CD777D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469B74F2-4B89-42B8-8638-731E92D463B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60ACA374-1434-4C02-8327-17BC9C000B65\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E84D8D-93DA-47C1-9282-E127CD1862E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"056B3397-81A9-4128-9F49-ECEBE1743EE8\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/45940\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27016\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3144\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:192\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/479222/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/25648\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36581\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/45940\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27016\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/3144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:192\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/479222/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/25648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/36581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-cm2q-rjp7-2xcv

Vulnerability from github

Published

2022-05-01 18:28

Modified

2022-05-01 18:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4938"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-09-18T19:17:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value.",
  "id": "GHSA-cm2q-rjp7-2xcv",
  "modified": "2022-05-01T18:28:34Z",
  "published": "2022-05-01T18:28:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4938"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/45940"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27016"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/3144"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/25648"
    },
    {
      "type": "WEB",
      "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed attacks will result in denial-of-service conditions. MPlayer 1.0rc1 is vulnerable; other versions may also be affected. NOTE: The vendor states that this issue is present only on operating systems with a 'calloc' implementation that is prone to an integer-overflow issue. There is a heap buffer overflow in libmpdemux/aviheader.c in MPlayer.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4938

Updated Packages:

Mandriva Linux 2007.0: 664764460655f8fa3ffe837fe1c753c4 2007.0/i586/libdha1.0-1.0-1.pre8.13.5mdv2007.0.i586.rpm 92e7649f53c13651062b76f33b093f16 2007.0/i586/mencoder-1.0-1.pre8.13.5mdv2007.0.i586.rpm ea399734d197db1b88a8706ad9bf855a 2007.0/i586/mplayer-1.0-1.pre8.13.5mdv2007.0.i586.rpm 9d751d448cf399915dc11233f291bed5 2007.0/i586/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.i586.rpm c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64: a841c634484003178dbe3edcf04250fb 2007.0/x86_64/mencoder-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm 0c59b24ecd8977087b546ad373b5c556 2007.0/x86_64/mplayer-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm 8a9e6cd4f9b438470a08f770a6f3faca 2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

Mandriva Linux 2007.1: 1f9dba71ed8296072bbb29a276b24349 2007.1/i586/libdha1.0-1.0-1.rc1.11.3mdv2007.1.i586.rpm b679aa7cfb01a9173539045c7ae06a42 2007.1/i586/mencoder-1.0-1.rc1.11.3mdv2007.1.i586.rpm 518690338f0b044e2e591f9cc49c3eab 2007.1/i586/mplayer-1.0-1.rc1.11.3mdv2007.1.i586.rpm 54a46f319a936e2e94c833385dc01b92 2007.1/i586/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.i586.rpm bd9470eb57ee6ced6a9e3358d8d47484 2007.1/i586/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.i586.rpm 3e6887feff803bc3a3efe864842e0679 2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64: af0ee01741af03a7a75b6a5289dbca9d 2007.1/x86_64/mencoder-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm 0e7e5f18937ebd4a050a683da5116e3e 2007.1/x86_64/mplayer-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm 4eeb75257e99b553e90b2c767fce6903 2007.1/x86_64/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm 2604e564242de95388b4e543624db4dc 2007.1/x86_64/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm 3e6887feff803bc3a3efe864842e0679 2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHAV4CmqjQ0CJFipgRAhrhAKC9bfRHlSG6+oVGztLTNtG5AfVqgACg21JC obuu0r4eZMhQuLCVAh4l7Ms= =WAef -----END PGP SIGNATURE-----

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/

TITLE: Mandriva update for mplayer

SECUNIA ADVISORY ID: SA27016

VERIFY ADVISORY: http://secunia.com/advisories/27016/

CRITICAL: Moderately critical

IMPACT: DoS, System access

WHERE:

From remote

OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/

DESCRIPTION: Mandriva has issued an update for mplayer. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

For more information: SA19418

SOLUTION: Apply updated packages.

Mandriva Linux 2007

664764460655f8fa3ffe837fe1c753c4 2007.0/i586/libdha1.0-1.0-1.pre8.13.5mdv2007.0.i586.rpm 92e7649f53c13651062b76f33b093f16 2007.0/i586/mencoder-1.0-1.pre8.13.5mdv2007.0.i586.rpm ea399734d197db1b88a8706ad9bf855a 2007.0/i586/mplayer-1.0-1.pre8.13.5mdv2007.0.i586.rpm 9d751d448cf399915dc11233f291bed5 2007.0/i586/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.i586.rpm c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

Mandriva Linux 2007/X86_64

a841c634484003178dbe3edcf04250fb 2007.0/x86_64/mencoder-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm 0c59b24ecd8977087b546ad373b5c556 2007.0/x86_64/mplayer-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm 8a9e6cd4f9b438470a08f770a6f3faca 2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm c015287479e38ccf22e271b3e97cc3ac 2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm

ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2007:192

OTHER REFERENCES: SA19418: http://secunia.com/advisories/19418/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200709-0172",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mplayer",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mplayer",
        "version": "1.0_rc1"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sgi",
        "version": "*"
      },
      {
        "model": "mplayer",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "mplayer",
        "version": "1.0rc1"
      },
      {
        "model": "irix",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sgi",
        "version": "6.5"
      },
      {
        "model": "windows me",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "windows nt",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "microsoft",
        "version": "4.0"
      },
      {
        "model": "windows 98",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "windows xp",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "-rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mplayer",
        "version": "1.0"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.1"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2007.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:mplayer:mplayer",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:sgi:irix",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Code Audit Labs is credited with the discovery of this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-4938",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "CVE-2007-4938",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 4.9,
            "id": "VHN-28300",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-4938",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-4938",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200709-234",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-28300",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value. MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data. \nAttackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed attacks will result in denial-of-service conditions. \nMPlayer 1.0rc1 is vulnerable; other versions may also be affected. \nNOTE: The vendor states that this issue is present only on operating systems with a \u0027calloc\u0027 implementation that is prone to an integer-overflow issue. There is a heap buffer overflow in libmpdemux/aviheader.c in MPlayer. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4938\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.0:\n 664764460655f8fa3ffe837fe1c753c4  2007.0/i586/libdha1.0-1.0-1.pre8.13.5mdv2007.0.i586.rpm\n 92e7649f53c13651062b76f33b093f16  2007.0/i586/mencoder-1.0-1.pre8.13.5mdv2007.0.i586.rpm\n ea399734d197db1b88a8706ad9bf855a  2007.0/i586/mplayer-1.0-1.pre8.13.5mdv2007.0.i586.rpm\n 9d751d448cf399915dc11233f291bed5  2007.0/i586/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.i586.rpm \n c015287479e38ccf22e271b3e97cc3ac  2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm\n\n Mandriva Linux 2007.0/X86_64:\n a841c634484003178dbe3edcf04250fb  2007.0/x86_64/mencoder-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm\n 0c59b24ecd8977087b546ad373b5c556  2007.0/x86_64/mplayer-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm\n 8a9e6cd4f9b438470a08f770a6f3faca  2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm \n c015287479e38ccf22e271b3e97cc3ac  2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm\n\n Mandriva Linux 2007.1:\n 1f9dba71ed8296072bbb29a276b24349  2007.1/i586/libdha1.0-1.0-1.rc1.11.3mdv2007.1.i586.rpm\n b679aa7cfb01a9173539045c7ae06a42  2007.1/i586/mencoder-1.0-1.rc1.11.3mdv2007.1.i586.rpm\n 518690338f0b044e2e591f9cc49c3eab  2007.1/i586/mplayer-1.0-1.rc1.11.3mdv2007.1.i586.rpm\n 54a46f319a936e2e94c833385dc01b92  2007.1/i586/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.i586.rpm\n bd9470eb57ee6ced6a9e3358d8d47484  2007.1/i586/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.i586.rpm \n 3e6887feff803bc3a3efe864842e0679  2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n af0ee01741af03a7a75b6a5289dbca9d  2007.1/x86_64/mencoder-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm\n 0e7e5f18937ebd4a050a683da5116e3e  2007.1/x86_64/mplayer-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm\n 4eeb75257e99b553e90b2c767fce6903  2007.1/x86_64/mplayer-doc-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm\n 2604e564242de95388b4e543624db4dc  2007.1/x86_64/mplayer-gui-1.0-1.rc1.11.3mdv2007.1.x86_64.rpm \n 3e6887feff803bc3a3efe864842e0679  2007.1/SRPMS/mplayer-1.0-1.rc1.11.3mdv2007.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.7 (GNU/Linux)\n\niD8DBQFHAV4CmqjQ0CJFipgRAhrhAKC9bfRHlSG6+oVGztLTNtG5AfVqgACg21JC\nobuu0r4eZMhQuLCVAh4l7Ms=\n=WAef\n-----END PGP SIGNATURE-----\n\n. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,700 different Windows applications. \n\nRequest your account, the Secunia Network Software Inspector (NSI):\nhttp://secunia.com/network_software_inspector/\n\n----------------------------------------------------------------------\n\nTITLE:\nMandriva update for mplayer\n\nSECUNIA ADVISORY ID:\nSA27016\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/27016/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nMandriva Linux 2007\nhttp://secunia.com/product/12165/\n\nDESCRIPTION:\nMandriva has issued an update for mplayer. This fixes a\nvulnerability, which can be exploited by malicious people to cause a\nDoS (Denial of Service) or potentially compromise a user\u0027s system. \n\nFor more information:\nSA19418\n\nSOLUTION:\nApply updated packages. \n\nMandriva Linux 2007\n\n664764460655f8fa3ffe837fe1c753c4 \n2007.0/i586/libdha1.0-1.0-1.pre8.13.5mdv2007.0.i586.rpm\n92e7649f53c13651062b76f33b093f16 \n2007.0/i586/mencoder-1.0-1.pre8.13.5mdv2007.0.i586.rpm\nea399734d197db1b88a8706ad9bf855a \n2007.0/i586/mplayer-1.0-1.pre8.13.5mdv2007.0.i586.rpm\n9d751d448cf399915dc11233f291bed5 \n2007.0/i586/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.i586.rpm \nc015287479e38ccf22e271b3e97cc3ac \n2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm\n\nMandriva Linux 2007/X86_64\n\na841c634484003178dbe3edcf04250fb \n2007.0/x86_64/mencoder-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm\n0c59b24ecd8977087b546ad373b5c556 \n2007.0/x86_64/mplayer-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm\n8a9e6cd4f9b438470a08f770a6f3faca \n2007.0/x86_64/mplayer-gui-1.0-1.pre8.13.5mdv2007.0.x86_64.rpm \nc015287479e38ccf22e271b3e97cc3ac \n2007.0/SRPMS/mplayer-1.0-1.pre8.13.5mdv2007.0.src.rpm\n\nORIGINAL ADVISORY:\nhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:192\n\nOTHER REFERENCES:\nSA19418:\nhttp://secunia.com/advisories/19418/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "db": "PACKETSTORM",
        "id": "59739"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-28300",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-4938",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "25648",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "27016",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "45940",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "3144",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "36581",
        "trust": 0.6
      },
      {
        "db": "MANDRIVA",
        "id": "MDKSA-2007:192",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20070912 CAL-20070912-1 MULTIPLE VENDOR PRODUCE HANDLING AVI FILE VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "59748",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "30578",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-28300",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "59739",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "db": "PACKETSTORM",
        "id": "59739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "id": "VAR-200709-0172",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:03:50.272000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.mplayerhq.hu/design7/news.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.sgi.com/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.mandriva.com/security/advisories?name=mdksa-2007:192"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/25648"
      },
      {
        "trust": 1.7,
        "url": "http://www.vulnhunt.com/advisories/cal-20070912-1_multiple_vendor_produce_handling_avi_file_vulnerabilities.txt"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/45940"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/27016"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/3144"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4938"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4938"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/36581"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/479222/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.mplayerhq.hu/"
      },
      {
        "trust": 0.3,
        "url": "http://svn.mplayerhq.hu/mplayer?diff_format=u\u0026view=rev\u0026revision=24447"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/479222"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-4938"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/27016/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12165/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/19418/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "db": "PACKETSTORM",
        "id": "59739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "db": "PACKETSTORM",
        "id": "59739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-09-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "date": "2007-09-12T00:00:00",
        "db": "BID",
        "id": "25648"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "date": "2007-10-03T00:17:52",
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "date": "2007-10-03T00:05:02",
        "db": "PACKETSTORM",
        "id": "59739"
      },
      {
        "date": "2007-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "date": "2007-09-18T19:17:00",
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-28300"
      },
      {
        "date": "2007-10-02T17:29:00",
        "db": "BID",
        "id": "25648"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-004396"
      },
      {
        "date": "2007-10-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      },
      {
        "date": "2024-11-21T00:36:46.050000",
        "db": "NVD",
        "id": "CVE-2007-4938"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "59748"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "MPlayer AVIHeader.C Heap Based Buffer Overflow Vulnerability",
    "sources": [
      {
        "db": "BID",
        "id": "25648"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      }
    ],
    "trust": 0.9
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200709-234"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2007-4938

Vulnerability from fkie_nvd

Published

2007-09-18 19:17

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/45940
cve@mitre.org	http://secunia.com/advisories/27016	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3144
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
cve@mitre.org	http://www.securityfocus.com/archive/1/479222/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/25648	Exploit
cve@mitre.org	http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt	Exploit
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36581
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/45940
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27016	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3144
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:192
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/479222/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25648	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36581

Impacted products

Vendor	Product	Version
apple	mac_os_x	*
hp	hp-ux	*
hp	tru64	*
ibm	aix	*
ibm	os2	*
linux	linux_kernel	*
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007
mandrakesoft	mandrake_linux	2007.1
mandrakesoft	mandrake_linux	2007.1
microsoft	windows_2000	*
microsoft	windows_2003_server	*
microsoft	windows_98	*
microsoft	windows_me	*
microsoft	windows_nt	4.0
microsoft	windows_xp	*
santa_cruz_operation	sco_unix	*
sun	solaris	*
windriver	bsdos	*
mplayer	mplayer	1.0_rc1
sgi	irix	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE64F3F-48F6-493F-A81E-2B106FF73AC1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD5511BD-2A41-4FF6-BD3F-9448F3F8AC90",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D64247-F0A0-4984-84EA-B63FC901F002",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_98:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1B68C0-2676-4F21-8EF0-1749103CB8C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECCBDA43-9C75-4B36-8C90-EF26B8CD777D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60ACA374-1434-4C02-8327-17BC9C000B65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83E84D8D-93DA-47C1-9282-E127CD1862E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "056B3397-81A9-4128-9F49-ECEBE1743EE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en libmpdemux/aviheader.c en MPlayer 1.0rc1 y anteriores permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .avi con cierto \"tama\u00f1o indx tratado\" y valores nEntriesInuse, y un cierto valor wLongsPerEntry."
    }
  ],
  "id": "CVE-2007-4938",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-09-18T19:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/45940"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27016"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3144"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/25648"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/45940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/25648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2007-4938

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2007-4938

Aliases

CVE-2007-4938

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4938",
    "description": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value.",
    "id": "GSD-2007-4938",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4938.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4938"
      ],
      "details": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value.",
      "id": "GSD-2007-4938",
      "modified": "2023-12-13T01:21:36.682433Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-4938",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "25648",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/25648"
          },
          {
            "name": "3144",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/3144"
          },
          {
            "name": "mplayer-avi-file-bo(36581)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
          },
          {
            "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
          },
          {
            "name": "27016",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/27016"
          },
          {
            "name": "45940",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/45940"
          },
          {
            "name": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt",
            "refsource": "MISC",
            "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
          },
          {
            "name": "MDKSA-2007:192",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:santa_cruz_operation:sco_unix:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:ibm:os2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_98:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:windriver:bsdos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:sgi:irix:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4938"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large \"indx truck size\" and nEntriesInuse values, and a certain wLongsPerEntry value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt"
            },
            {
              "name": "25648",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/25648"
            },
            {
              "name": "MDKSA-2007:192",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:192"
            },
            {
              "name": "27016",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/27016"
            },
            {
              "name": "3144",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/3144"
            },
            {
              "name": "45940",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/45940"
            },
            {
              "name": "mplayer-avi-file-bo(36581)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36581"
            },
            {
              "name": "20070912 CAL-20070912-1 Multiple vendor produce handling AVI file vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/479222/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.6,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-15T21:38Z",
      "publishedDate": "2007-09-18T19:17Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2007-4938 (GCVE-0-2007-4938)

Vulnerability from cvelistv5

ghsa-cm2q-rjp7-2xcv

Vulnerability from github

var-200709-0172

Vulnerability from variot

fkie_cve-2007-4938

Vulnerability from fkie_nvd

gsd-2007-4938

Vulnerability from gsd

Tags

Sightings

Nomenclature