CVE-2004-0433

Published Aug 18, 2004

Last updated 7 years ago

CVSS info 10.0

Overview

Description: Multiple buffer overflows in the Real-Time Streaming Protocol (RTSP) client for (1) MPlayer before 1.0pre4 and (2) xine lib (xine-lib) before 1-rc4, when playing Real RTSP (realrtsp) streams, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (a) long URLs, (b) long Real server responses, or (c) long Real Data Transport (RDT) packets.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E74EBC5-296E-4B20-8BCB-F104D06595AD"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C87793C-6577-4E67-BBFD-768FAF1BF88D"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFE9819F-A620-41A6-A102-41746457753F"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7D6474F-C678-498C-9A61-287E2FDD8B2D"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06402BDD-77EA-447A-8C34-E1A0F41D0628"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7387773A-81F1-464A-9489-E103C51BED46"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A03194CD-2CFA-4F11-90DE-3573BA06B6DC"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C39D002-E323-423D-8895-9179DFDF6535"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73E621C7-A5BA-4D71-9D57-4311360FF3A6"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B08810F9-377D-49C4-A9A8-E2EE42EDF2F5"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AA12911-93D8-4DFE-A31C-FEB9E7F7ADD6"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C13E4FD-A874-4366-A426-19665B43F1DD"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C8F4701-C5CC-4FBA-AFF6-5AB890306AC3"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_rc3a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3295F345-26D0-4B23-848F-83CFE067EA01"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_rc3b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2915303-7347-4811-B7D2-5AF367081797"
          },
          {
            "criteria": "cpe:2.3:a:xine:xine-lib:1_rc3c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6976E802-011F-44A2-B668-F9D643FC7A86"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References