PT-2004-1570 · Mplayer+1 · Mplayer+1

Published

2004-05-05

Updated

2017-07-11

CVE-2004-0433

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions MPlayer versions prior to 1.0pre4 xine lib (xine-lib) versions prior to 1-rc4

Description The issue is related to multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client. This can be triggered when playing Real RTSP streams, allowing remote attackers to cause a denial of service or possibly execute arbitrary code. The overflows can occur due to long URLs, long Real server responses, or long Real Data Transport (RDT) packets.

Recommendations For MPlayer versions prior to 1.0pre4, update to version 1.0pre4 or later to resolve the issue. For xine lib (xine-lib) versions prior to 1-rc4, update to version 1-rc4 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0433

Affected Products

Mplayer

Xine-Lib

PT-2004-1570 · Mplayer+1 · Mplayer+1

CVE-2004-0433

Related Identifiers

Affected Products

References · 7