CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-0433

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile1.98th
Published2004年8月18日
Last Modified2026年4月16日

Vulnerability Description

Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.

Affected Platforms (CPE)

📦
Mplayer

Mplayer

= 1.0_pre3try2
📦
Xine

Xine Lib

= 1_beta1
📦
Xine

Xine Lib

= 1_beta2
📦
Xine

Xine Lib

= 1_beta3
📦
Xine

Xine Lib

= 1_beta4
📦
Xine

Xine Lib

= 1_beta5
📦
Xine

Xine Lib

= 1_beta6
📦
Xine

Xine Lib

= 1_beta7
📦
Xine

Xine Lib

= 1_beta8
📦
Xine

Xine Lib

= 1_beta9
📦
Xine

Xine Lib

= 1_beta10
📦
Xine

Xine Lib

= 1_beta11
📦
Xine

Xine Lib

= 1_rc2
📦
Xine

Xine Lib

= 1_rc3a
📦
Xine

Xine Lib

= 1_rc3b
📦
Xine

Xine Lib

= 1_rc3c

References & Advisories

🔗 http://security.gentoo.org/glsa/glsa-200405-24.xml
🔗 http://www.xinehq.de/index.php/security/XSA-2004-3
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16019
🔗 http://security.gentoo.org/glsa/glsa-200405-24.xml
🔗 http://www.xinehq.de/index.php/security/XSA-2004-3
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16019

相關漏洞威脅

CVE-2004-038610.0

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary co...

CVE-2004-065910.0

Buffer overflow in TranslateFilename for common.c in MPlayer 1.0pre4 allows remote attackers to execute arbitrary code via a long ...

CVE-2004-118810.0

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properl...

CVE-2004-118710.0

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same cod...