CVE - CVE-2006-1502

CVE-ID
CVE-2006-1502	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:17295 URL:http://www.securityfocus.com/bid/17295 BUGTRAQ:20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows URL:http://www.securityfocus.com/archive/1/429251/100/0/threaded FULLDISC:20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044615.html GENTOO:GLSA-200605-01 URL:http://www.gentoo.org/security/en/glsa/glsa-200605-01.xml MANDRIVA:MDKSA-2006:068 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:068~~ (Obsolete source) MISC:http://www.xfocus.org/advisories/200603/11.html OSVDB:24246 URL:~~http://www.osvdb.org/24246~~ (Obsolete source) OSVDB:24247 URL:~~http://www.osvdb.org/24247~~ (Obsolete source) SECTRACK:1015842 URL:http://securitytracker.com/id?1015842 SECUNIA:19418 URL:http://secunia.com/advisories/19418 SECUNIA:19565 URL:http://secunia.com/advisories/19565 SECUNIA:19919 URL:http://secunia.com/advisories/19919 SREASON:532 URL:http://securityreason.com/securityalert/532 SREASON:647 URL:http://securityreason.com/securityalert/647 VUPEN:ADV-2006-1156 URL:~~http://www.vupen.com/english/advisories/2006/1156~~ (Obsolete source) XF:mplayer-asfheader-integer-overflow(25513) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25513 XF:mplayer-aviheader-integer-overflow(25514) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/25514
Assigning CNA
MITRE Corporation
Date Record Created
20060329	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060329)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)