CVE-2008-0485
EPSS 16.3%mplayer - arbitrary code execution
Published: 2/5/2008Modified: 3/9/2026
Description
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
Affected packages (3)
- Debian/mplayerfrom 0, < 1.0~rc2-8
- Debian/mplayerfrom 0, < 1.0~rc1-12etch2
- Debian/mplayerfrom 0, < 1.0~rc2-7+lenny1