Buffer overflow in Apple Mac_os_x

CVE-2007-4938

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck s…

Vulnerability class: Buffer Overflow

EPSS: 0.160 (96.5th percentile) — read the EPSS interpretation.

Affected products

Apple Mac_os_x
Hp Hp-ux
Hp Tru64
Ibm Aix
Ibm Os2
Linux Linux_kernel
Mandrakesoft Mandrake_linux — versions 2007, 2007.1
Microsoft Windows_2000
Microsoft Windows_2003_server
Microsoft Windows_98

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_SREASON, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)