CVE-2022-38866: Buffer Overflow
Published Sep 15, 2022
·Updated
Certain The MPlayer Project products are vulnerable to Buffer Overflow via readaviheader() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.
Affected Software
3 affected components
Mplayerhq Mencoder=svn-r38374-13.0.1
Mplayerhq Mplayer=svn-r38374-13.0.1
Debian Debian Linux=10.0
Event History
Sep 15, 2022
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Frequently Asked Questions
1
What is the severity of CVE-2022-38866?
CVE-2022-38866 has a high severity rating due to its potential to lead to arbitrary code execution through a buffer overflow.
2
How do I fix CVE-2022-38866?
To fix CVE-2022-38866, users should upgrade to a patched version of MPlayer or MEncoder beyond svn-r38374-13.0.1.
3
Which versions of MPlayer are affected by CVE-2022-38866?
CVE-2022-38866 affects MPlayer SVN-r38374-13.0.1 and earlier versions of the software.
4
What does CVE-2022-38866 exploit?
CVE-2022-38866 exploits a buffer overflow vulnerability in the read_avi_header() function of libmpdemux/aviheader.c.
5
Can CVE-2022-38866 be exploited remotely?
Yes, CVE-2022-38866 can potentially be exploited remotely by specially crafted AVI files.