VDB
CVE-2006-1502
CVE-2006-1502
PUBLISHED
CVSS 5.099999904632568 MEDIUM
Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c.
EPSS 4.37% · 89.2th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
4.37%
89.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mplayer | mplayer | 0 |
| n/a | n/a | n/a |
Timeline
- Mar 30, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- mplayer-asfheader-integer-overflow(25513) vdb
- 19418 third-party-advisory
- http://www.xfocus.org/advisories/200603/11.html url
- 647 third-party-advisory
- 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows mailing-list
- GLSA-200605-01 vendor-advisory
- 24247 vdb
- 20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows mailing-list
- mplayer-aviheader-integer-overflow(25514) vdb
- 19565 third-party-advisory
- 19919 third-party-advisory
- 532 third-party-advisory
- 1015842 vdb
- 17295 vdb
- MDKSA-2006:068 vendor-advisory
- 24246 vdb
- ADV-2006-1156 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-1502 advisory