CyberSec.Space Logo
Back to CVE Browser

CVE-2004-0386

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile12.06th
PublishedMay 4, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

Affected Platforms (CPE)

πŸ“¦
Mplayer

Mplayer

= 0.90
πŸ“¦
Mplayer

Mplayer

= 0.90_pre
πŸ“¦
Mplayer

Mplayer

= 0.90_rc
πŸ“¦
Mplayer

Mplayer

= 0.91
πŸ“¦
Mplayer

Mplayer

= 1.0_pre1
πŸ“¦
Mplayer

Mplayer

= 1.0_pre2
πŸ“¦
Mplayer

Mplayer

= 1.0_pre3
πŸ’»
Gentoo

Linux

= 0.5
πŸ’»
Gentoo

Linux

= 0.7
πŸ’»
Gentoo

Linux

= 1.1a
πŸ’»
Gentoo

Linux

= 1.2
πŸ’»
Gentoo

Linux

= 1.4
πŸ’»
Gentoo

Linux

= 1.4
πŸ’»
Gentoo

Linux

= 1.4
πŸ’»
Gentoo

Linux

= 1.4
πŸ’»
Mandrakesoft

Mandrake Linux

= 9.2
πŸ’»
Mandrakesoft

Mandrake Linux

= 10.0

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=108067020624076&w=2
πŸ”— http://secunia.com/advisories/11259
πŸ”— http://security.gentoo.org/glsa/glsa-200403-13.xml
πŸ”— http://www.kb.cert.org/vuls/id/723910
πŸ”— http://www.mandriva.com/security/advisories?name=MDKSA-2004:026
πŸ”— http://www.mplayerhq.hu/homepage/design6/news.html
πŸ”— http://www.securityfocus.com/archive/1/359025
πŸ”— http://www.securityfocus.com/bid/10008

Related Vulnerabilities

CVE-2004-065910.0

Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long ...

CVE-2004-043310.0

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-...

CVE-2004-118810.0

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properl...

CVE-2004-118710.0

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same cod...