It was discovered that MPlayer could be made to divide by zero when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38850, CVE-2022-38860, CVE-2022-38865) It was discovered that MPlayer could be made to read out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service. (CVE-2022-38851) It was discovered that MPlayer could be made to write out of bounds when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38855, CVE-2022-38858, CVE-2022-38863, CVE-2022-38864, CVE-2022-38866) It was discovered that MPlayer did not properly managed memory when processing certain malformed media files. If a user were tricked into opening a specially crafted media file, an attacker could possibly use this issue to cause MPlayer to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-38861)
Continue reading...
Continue reading...
