CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-0386

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0390%
EPSS Percentile12.06th
Published2004年5月4日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

Affected Platforms (CPE)

📦
Mplayer

Mplayer

= 0.90
📦
Mplayer

Mplayer

= 0.90_pre
📦
Mplayer

Mplayer

= 0.90_rc
📦
Mplayer

Mplayer

= 0.91
📦
Mplayer

Mplayer

= 1.0_pre1
📦
Mplayer

Mplayer

= 1.0_pre2
📦
Mplayer

Mplayer

= 1.0_pre3
💻
Gentoo

Linux

= 0.5
💻
Gentoo

Linux

= 0.7
💻
Gentoo

Linux

= 1.1a
💻
Gentoo

Linux

= 1.2
💻
Gentoo

Linux

= 1.4
💻
Gentoo

Linux

= 1.4
💻
Gentoo

Linux

= 1.4
💻
Gentoo

Linux

= 1.4
💻
Mandrakesoft

Mandrake Linux

= 9.2
💻
Mandrakesoft

Mandrake Linux

= 10.0

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=108067020624076&w=2
🔗 http://secunia.com/advisories/11259
🔗 http://security.gentoo.org/glsa/glsa-200403-13.xml
🔗 http://www.kb.cert.org/vuls/id/723910
🔗 http://www.mandriva.com/security/advisories?name=MDKSA-2004:026
🔗 http://www.mplayerhq.hu/homepage/design6/news.html
🔗 http://www.securityfocus.com/archive/1/359025
🔗 http://www.securityfocus.com/bid/10008

相關漏洞威脅

CVE-2004-065910.0

Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long ...

CVE-2004-043310.0

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-...

CVE-2004-118810.0

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properl...

CVE-2004-118710.0

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same cod...