HomeMplayerCVE-2008-0486

CVE-2008-0486

UNKNOWN
7.5CVSS
Published: 2008-02-05
Updated: 2025-04-09
AI Analysis

Description

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

CVSS Metrics

Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector
network
Access Cmplx
low
Auth
none
Confidentiality
partial
Integrity
partial
Availability
partial
Weaknesses
CWE-189

Metadata

Primary Vendor
MPLAYER
Published
2/5/2008
Last Modified
4/9/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

mplayer : mplayerxine : xine-lib

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD