VDB
CVE-2007-2948
CVE-2007-2948
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.
EPSS 13.24% · 94.3th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
13.24%
94.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mplayer | mplayer | * |
| n/a | n/a | n/a |
Timeline
- Jun 7, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 8, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://osvdb.org/36991 url
- http://secunia.com/advisories/24302 url
- http://secunia.com/advisories/25713 url
- mplayer-cddb-bo(34749) vdb
- 26083 third-party-advisory
- MDKSA-2007:143 vendor-advisory
- http://www.mplayerhq.hu/design7/news.html url
- GLSA-200707-07 vendor-advisory
- http://secunia.com/secunia_research/2007-55/ url
- SUSE-SR:2007:014 vendor-advisory
- ADV-2007-2080 vdb
- [MPlayer-announce] 20070605 MPlayer 1.0rc1try3 released mailing-list
- 24339 vdb
- 25940 third-party-advisory
- http://svn.mplayerhq.hu/mplayer/trunk/stream/stream_cddb.c?r1=23287&r2=23470&diff_format=u url
- DSA-1313 vendor-advisory
- 26207 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2007-2948 advisory
- http://secunia.com/secunia_research/2007-55 url