CVE-2008-4610

EPSS 4.5%

mplayer - arbitrary code execution

發布日:2008/10/20修改日:2026/4/28

描述

MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718.

受影響套件(3)

Debian/ffmpegfrom 0, < 7:2.4.1-1
Debian/mplayerfrom 0, < 1.0~rc2-20
Debian/mplayerfrom 0, < 1.0~rc2-17+lenny2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-4610