CVE-2008-4610

Published: Oct 20, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.

Affected (20)

Products: Mplayer: Mplayer

Mplayer

1 product

Mplayer

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Mplayer Mplayer	Up to 1.0_rc1
Mplayer Mplayer	Version 0.90
Mplayer Mplayer	Version 0.90_pre
Mplayer Mplayer	Version 0.90_rc4
Mplayer Mplayer	Version 0.90_rc
Mplayer Mplayer	Version 0.91
Mplayer Mplayer	Version 0.92.1
Mplayer Mplayer	Version 0.92
Mplayer Mplayer	Version 0.92_cvs
Mplayer Mplayer	Version 1.0_pre1
Mplayer Mplayer	Version 1.0_pre2
Mplayer Mplayer	Version 1.0_pre3
Mplayer Mplayer	Version 1.0_pre3try2
Mplayer Mplayer	Version 1.0_pre4
Mplayer Mplayer	Version 1.0_pre5
Mplayer Mplayer	Version 1.0_pre5try1
Mplayer Mplayer	Version 1.0_pre5try2
Mplayer Mplayer	Version 1.0_pre6
Mplayer Mplayer	Version 1.0_pre7
Mplayer Mplayer	Version 1.0_pre7try2

Related CWEs

CWE-399

References (6)

http://secunia.com/advisories/34296

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2008/10/07/1

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-734-1

Source: cve@mitre.org

http://secunia.com/advisories/34296

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2008/10/07/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-734-1

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.