Search for vulnerabilities
Vulnerability details: VCID-zdnw-tb7c-aaan
Vulnerability ID VCID-zdnw-tb7c-aaan
Aliases CVE-2008-3827
Summary Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory.
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.02752 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.03565 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.05299 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
epss 0.06114 https://api.first.org/data/v1/epss?cve=CVE-2008-3827
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2008-3827
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2008-3827
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827
http://secunia.com/advisories/32045
http://secunia.com/advisories/32153
http://securityreason.com/securityalert/4326
http://svn.mplayerhq.hu/mplayer/trunk/libmpdemux/demux_real.c?r1=27314&r2=27675
http://www.debian.org/security/2008/dsa-1644
http://www.mandriva.com/security/advisories?name=MDVSA-2008:219
http://www.ocert.org/advisories/ocert-2008-013.html
http://www.securityfocus.com/archive/1/496806/100/0/threaded
http://www.securityfocus.com/bid/31473
http://www.securitytracker.com/id?1020952
http://www.vupen.com/english/advisories/2008/2703
500683 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500683
cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:*:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre6:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre7:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_pre7try2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_pre7try2:*:*:*:*:*:*:*
cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mplayer:mplayer:1.0_rc1:*:*:*:*:*:*:*
CVE-2008-3827 https://nvd.nist.gov/vuln/detail/CVE-2008-3827
GLSA-200901-07 https://security.gentoo.org/glsa/200901-07
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-3827
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.84786
EPSS Score 0.02752
Published At April 6, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.