What is CVE-2011-3625?

CVE-2011-3625 is a vulnerability in Mplayer2, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2014-06-11.

Is CVE-2011-3625 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Mplayer2

CVE-2011-3625

Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SA…

Vulnerability class: Buffer Overflow

EPSS: 0.681 (98.6th percentile) — read the EPSS interpretation.

Affected products

Mplayer2
Ricardo_villalba Smplayer — versions 0.6.9
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

secalert@redhat.com (x_refsource_MISC, Vendor Advisory)
[oss-security] 20111018 Re: CVE request: mplayer SAMI subtitle parsing buffer overflow (mailing-list, x_refsource_MLIST)
55486 (x_refsource_SECUNIA, third-party-advisory)
GLSA-201310-13 (vendor-advisory, x_refsource_GENTOO)
secalert@redhat.com (x_refsource_CONFIRM, Patch)

Frequently asked questions

What is CVE-2011-3625?: CVE-2011-3625 is a vulnerability in Mplayer2, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2014-06-11.
Is CVE-2011-3625 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.