CVE-2008-0485
MPlayer < 1.02rc2 - Remote Code Execution via Crafted QuickTime MOV stsc Atom Tag
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2008-0485. PoCs published by Felipe Manzano.
AI-analyzed exploit summary This exploit targets a heap-based buffer overflow in MPlayer (CVE-2008-0485) by crafting a malicious MOV file with manipulated 'stsc' atom data to achieve arbitrary code execution. The PoC generates a file tailored for either Windows XP SP2 or Linux Gentoo targets.
Description
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag.
Exploits (1)
This exploit targets a heap-based buffer overflow in MPlayer (CVE-2008-0485) by crafting a malicious MOV file with manipulated 'stsc' atom data to achieve arbitrary code execution. The PoC generates a file tailored for either Windows XP SP2 or Linux Gentoo targets.