CVE-2007-4938

CVE Database · CVE-2007-4938

CVE-2007-4938

· N/AModified

CVSS v3.1

N/A

EPSS

16.05%

Published

Sep 18, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMPlayer 1.0 - AVIHeader.C Heap Buffer Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.

Weaknesses (CWE)

CWE-119

Affected Products (21)

apple · mac_os_x

hp · hp-ux

hp · tru64

ibm · aix

ibm · os2

linux · linux_kernel

mandrakesoft · mandrake_linux

microsoft · windows_2000

microsoft · windows_2003_server