CVE-2004-0386

Published: May 4, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

Affected (17)

Products: Mplayer: Mplayer · Gentoo: Linux · Mandrakesoft: Mandrake Linux

1 product

1 product

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Mplayer Mplayer	Version 0.90
Mplayer Mplayer	Version 0.90_pre
Mplayer Mplayer	Version 0.90_rc
Mplayer Mplayer	Version 0.91
Mplayer Mplayer	Version 1.0_pre1
Mplayer Mplayer	Version 1.0_pre2
Mplayer Mplayer	Version 1.0_pre3

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Gentoo Linux	Version 0.5
Gentoo Linux	Version 0.7
Gentoo Linux	Version 1.1a
Gentoo Linux	Version 1.2
Gentoo Linux	Version 1.4
Gentoo Linux	Version 1.4 rc1
Gentoo Linux	Version 1.4 rc2
Gentoo Linux	Version 1.4 rc3
Mandrakesoft Mandrake Linux	Version 10.0
Mandrakesoft Mandrake Linux	Version 9.2

References (18)

http://marc.info/?l=bugtraq&m=108067020624076&w=2

Source: cve@mitre.org

http://secunia.com/advisories/11259

Source: cve@mitre.org

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200403-13.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/723910

Source: cve@mitre.org

PatchThird Party AdvisoryUS Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:026

Source: cve@mitre.org

http://www.mplayerhq.hu/homepage/design6/news.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/359025

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/10008

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/15675

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=108067020624076&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/11259

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200403-13.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/723910

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party AdvisoryUS Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:026

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mplayerhq.hu/homepage/design6/news.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/359025

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/10008

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/15675

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.