CVE-2022-38858: Buffer Overflow
Published Sep 15, 2022
·Updated
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function movbuildindex() of libmpdemux/demuxmov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
Affected Software
3 affected components
Mplayerhq Mencoder=svn-r38374-13.0.1
Mplayerhq Mplayer=svn-r38374-13.0.1
Debian Debian Linux=10.0
Event History
Sep 15, 2022
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2022-38858?
CVE-2022-38858 is classified as a buffer overflow vulnerability, which can lead to arbitrary code execution.
2
How do I fix CVE-2022-38858?
To fix CVE-2022-38858, update to a patched version of MPlayer or MEncoder that resolves the vulnerability.
3
Which software versions are affected by CVE-2022-38858?
CVE-2022-38858 affects MPlayer SVN-r38374-13.0.1 and MEncoder SVN-r38374-13.0.1.
4
What causes the vulnerability in CVE-2022-38858?
The vulnerability in CVE-2022-38858 is caused by a buffer overflow in the mov_build_index() function of libmpdemux.
5
Can CVE-2022-38858 be exploited remotely?
Yes, CVE-2022-38858 can potentially be exploited remotely if an attacker can trick a user into processing a malicious media file.