Upstream information
Description
Multiple integer overflows in (1) the new_demux_packet function in demuxer.h and (2) the demux_asf_read_packet function in demux_asf.c in MPlayer 1.0pre7try2 and earlier allow remote attackers to execute arbitrary code via an ASF file with a large packet length value. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
| CVSS detail | National Vulnerability Database |
|---|---|
| Base Score | 7.5 |
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Access Vector | Network |
| Access Complexity | Low |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 01:35:28 2013CVE page last modified: Mon Oct 6 18:14:44 2025