Search for vulnerabilities
Vulnerability details: VCID-dz4g-5f7b-aaab
Vulnerability ID VCID-dz4g-5f7b-aaab
Aliases CVE-2007-6718
Summary MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service (SIGSEGV and application crash) via (1) a malformed MP3 file, as demonstrated by lol-mplayer.mp3; (2) a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; (3) a malformed MPEG-1 file, as demonstrated by lol-mplayer.mpg; (4) a malformed MPEG-2 file, as demonstrated by lol-mplayer.m2v; (5) a malformed MPEG-4 AVI file, as demonstrated by lol-mplayer.avi; (6) a malformed FLAC file, as demonstrated by lol-mplayer.flac; (7) a malformed Ogg Theora file, as demonstrated by lol-mplayer.ogm; (8) a malformed WMV file, as demonstrated by lol-mplayer.wmv; or (9) a malformed AAC file, as demonstrated by lol-mplayer.aac. NOTE: vector 5 might overlap CVE-2007-4938, and vector 6 might overlap CVE-2008-0486.
Status Published
Exploitability 0.5
Weighted Severity 3.9
Risk 1.9
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2007/CVE-2007-6718.html
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00199 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00443 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
epss 0.00488 https://api.first.org/data/v1/epss?cve=CVE-2007-6718
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6718
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2007-6718
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2007/CVE-2007-6718.html
http://sam.zoy.org/blog/2007-01-16-exposing-file-parsing-vulnerabilities
https://api.first.org/data/v1/epss?cve=CVE-2007-6718
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6718
http://www.openwall.com/lists/oss-security/2008/10/07/1
407010 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407010
cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre6:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre7:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre7try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre7try2:*:*:*:*:*:*:*
CVE-2007-6718 https://nvd.nist.gov/vuln/detail/CVE-2007-6718
GLSA-201310-13 https://security.gentoo.org/glsa/201310-13
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-6718
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.58188
EPSS Score 0.00199
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.