Executive Summary
Summary | |
---|---|
Title | MPlayer: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201310-13 | First vendor Publication | 2013-10-25 |
Vendor | Gentoo | Last vendor Modification | 2013-10-25 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in MPlayer and the bundled FFmpeg, the worst of which may lead to the execution of arbitrary code. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201310-13.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201310-13.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-399 | Resource Management Errors |
25 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-07-22 | Name : Mandriva Update for blender MDVSA-2011:112 (blender) File : nvt/gb_mandriva_MDVSA_2011_112.nasl |
2011-07-22 | Name : Mandriva Update for blender MDVSA-2011:114 (blender) File : nvt/gb_mandriva_MDVSA_2011_114.nasl |
2011-05-17 | Name : Mandriva Update for mplayer MDVSA-2011:088 (mplayer) File : nvt/gb_mandriva_MDVSA_2011_088.nasl |
2011-05-17 | Name : Mandriva Update for mplayer MDVSA-2011:089 (mplayer) File : nvt/gb_mandriva_MDVSA_2011_089.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_060.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:061 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_061.nasl |
2011-04-06 | Name : Mandriva Update for ffmpeg MDVSA-2011:062 (ffmpeg) File : nvt/gb_mandriva_MDVSA_2011_062.nasl |
2011-04-06 | Name : Ubuntu Update for ffmpeg vulnerabilities USN-1104-1 File : nvt/gb_ubuntu_USN_1104_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2165-1 (ffmpeg-debian) File : nvt/deb_2165_1.nasl |
2009-12-30 | Name : Mandriva Security Advisory MDVSA-2009:335 (ffmpeg) File : nvt/mdksa_2009_335.nasl |
2009-03-20 | Name : Ubuntu USN-734-1 (ffmpeg-debian) File : nvt/ubuntu_734_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
68269 | FFmpeg libavcodec/flicvideo.c Multiple Function Array Indexing Memory Corruption |
50086 | MPlayer Crafted AAC File Handling Remote DoS |
50085 | MPlayer Crafted WMV File Handling Remote DoS |
50084 | MPlayer Crafted Ogg Theora File Handling Remote DoS |
50083 | MPlayer Crafted FLAC File Handling Remote DoS |
50082 | MPlayer Crafted MPEG-2 File Handling Remote DoS |
50081 | MPlayer Crafted MPEG-1 File Handling Remote DoS |
50080 | MPlayer Crafted Ogg Vorbis File Handling Remote DoS |
50079 | MPlayer Crafted MP3 File Handling Remote DoS |
49424 | MPlayer Malformed OGM File Handling DoS |
49423 | MPlayer Malformed AAC File Handling DoS |
45940 | MPlayer libmpdemux/aviheader.c AVI File Handling Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201411-01.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-12.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-13.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-112.nasl - Type : ACT_GATHER_INFO |
2011-07-19 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-114.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-088.nasl - Type : ACT_GATHER_INFO |
2011-05-17 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-089.nasl - Type : ACT_GATHER_INFO |
2011-04-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1104-1.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-060.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-061.nasl - Type : ACT_GATHER_INFO |
2011-04-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-062.nasl - Type : ACT_GATHER_INFO |
2011-02-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2165.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-335.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-734-1.nasl - Type : ACT_GATHER_INFO |
2007-10-03 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-192.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-12-27 00:26:27 |
|
2014-06-12 17:25:28 |
|
2014-06-11 21:28:04 |
|
2014-02-17 11:37:50 |
|
2013-10-25 21:18:47 |
|