Description
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
Exploits (1)
References (9)
Core 9
Core References
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11259
Various Sources x_refsource_confirm
http://www.mplayerhq.hu/homepage/design6/news.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15675
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108067020624076&w=2
Vendor Advisory vendor-advisory
x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2004:026
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/723910
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10008
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/359025
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200403-13.xml
Scores
EPSS
0.3677
EPSS Percentile
97.2%
Details
Status
published
Products (14)
gentoo/linux
0.5
gentoo/linux
0.7
gentoo/linux
1.1a
gentoo/linux
1.2
gentoo/linux
1.4 (4 CPE variants)
mandrakesoft/mandrake_linux
9.2
mandrakesoft/mandrake_linux
10.0
mplayer/mplayer
0.90
mplayer/mplayer
0.90_pre
mplayer/mplayer
0.90_rc
... and 4 more
Published
May 04, 2004
Tracked Since
Feb 18, 2026