CVE-2008-5616

Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.

Published: Dec 17, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5616
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
mplayer / mplayer	0.92	0.92.x
mplayer / mplayer	-	1.0_rc1.x
mplayer / mplayer	1.0_pre2	1.0_pre2.x
mplayer / mplayer	0.90	0.90.x
mplayer / mplayer	1.0_pre1	1.0_pre1.x
mplayer / mplayer	0.90_rc	0.90_rc.x
mplayer / mplayer	1.0_pre5try2	1.0_pre5try2.x
mplayer / mplayer	0.92.1	0.92.1.x
mplayer / mplayer	1.0_pre3	1.0_pre3.x
mplayer / mplayer	1.0_pre7try2	1.0_pre7try2.x
mplayer / mplayer	0.92_cvs	0.92_cvs.x
mplayer / mplayer	1.0_pre5	1.0_pre5.x
mplayer / mplayer	0.91	0.91.x
mplayer / mplayer	1.0_pre5try1	1.0_pre5try1.x
mplayer / mplayer	1.0_pre3try2	1.0_pre3try2.x
mplayer / mplayer	1.0_pre7	1.0_pre7.x
mplayer / mplayer	1.0_pre6	1.0_pre6.x
mplayer / mplayer	0.90_pre	0.90_pre.x
mplayer / mplayer	0.90_rc4	0.90_rc4.x
mplayer / mplayer	1.0_pre4	1.0_pre4.x

Vulnerability Database

289,599

CVE-2008-5616