VulnerableCode Package Details - pkg:ebuild/media-video/mplayer@1.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-3s41-mjjb-aaad Aliases: CVE-2007-2948	Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.	1.0.20070622 Affected by 0 other vulnerabilities.
VCID-9cw5-dqm6-aaak Aliases: CVE-2007-1246	The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.	1.0.20070321 Affected by 0 other vulnerabilities.
VCID-m4jt-mcyk-aaab Aliases: CVE-2007-1387	The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.	1.0.20070321 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-3s41-mjjb-aaad
Aliases:
CVE-2007-2948

Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.

1.0.20070622
Affected by 0 other vulnerabilities.

VCID-9cw5-dqm6-aaak
Aliases:
CVE-2007-1246

The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1387.

1.0.20070321
Affected by 0 other vulnerabilities.

VCID-m4jt-mcyk-aaab
Aliases:
CVE-2007-1387

The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different vulnerability than CVE-2007-1246.

1.0.20070321
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T13:05:01.534444+00:00	Gentoo Importer	Affected by	VCID-3s41-mjjb-aaad	https://security.gentoo.org/glsa/200707-07	36.0.0
2025-03-28T12:38:38.913259+00:00	Gentoo Importer	Affected by	VCID-m4jt-mcyk-aaab	https://security.gentoo.org/glsa/200705-21	36.0.0
2025-03-28T12:38:38.897747+00:00	Gentoo Importer	Affected by	VCID-9cw5-dqm6-aaak	https://security.gentoo.org/glsa/200705-21	36.0.0
2024-09-18T07:59:10.937692+00:00	Gentoo Importer	Affected by	VCID-3s41-mjjb-aaad	https://security.gentoo.org/glsa/200707-07	34.0.1
2024-09-18T07:32:21.183695+00:00	Gentoo Importer	Affected by	VCID-m4jt-mcyk-aaab	https://security.gentoo.org/glsa/200705-21	34.0.1
2024-09-18T07:32:21.164248+00:00	Gentoo Importer	Affected by	VCID-9cw5-dqm6-aaak	https://security.gentoo.org/glsa/200705-21	34.0.1
2024-01-04T02:03:51.491240+00:00	Gentoo Importer	Affected by	VCID-3s41-mjjb-aaad	https://security.gentoo.org/glsa/200707-07	34.0.0rc1
2024-01-04T01:38:49.048233+00:00	Gentoo Importer	Affected by	VCID-m4jt-mcyk-aaab	https://security.gentoo.org/glsa/200705-21	34.0.0rc1
2024-01-04T01:38:49.029918+00:00	Gentoo Importer	Affected by	VCID-9cw5-dqm6-aaak	https://security.gentoo.org/glsa/200705-21	34.0.0rc1