CVE-2004-1187 : Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use th

Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as MPlayer that use the same code, allows remote attackers to execute arbitrary code via long PNA_TAG values, a different vulnerability than CVE-2004-1188.

Published 2005-01-10 05:00:00

Updated 2017-07-11 01:30:49

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2004-1187

Probability of exploitation activity in the next 30 days: 4.01%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-1187

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2004-1187

Products affected by CVE-2004-1187

Mandrakesoft » Mandrake Linux » Version: 10.0
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
Matching versions
Mandrakesoft » Mandrake Linux » Version: 10.1
cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
Matching versions
Mandrakesoft » Mandrake Linux » Version: 10.0 Amd64 Edition
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
Matching versions
Mandrakesoft » Mandrake Linux » Version: 10.1 X86 64 Edition
cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre1
cpe:2.3:a:mplayer:mplayer:1.0_pre1:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.90 Rc4
cpe:2.3:a:mplayer:mplayer:0.90_rc4:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.91
cpe:2.3:a:mplayer:mplayer:0.91:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.90
cpe:2.3:a:mplayer:mplayer:0.90:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.90 Pre
cpe:2.3:a:mplayer:mplayer:0.90_pre:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.90 Rc
cpe:2.3:a:mplayer:mplayer:0.90_rc:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre2
cpe:2.3:a:mplayer:mplayer:1.0_pre2:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre3
cpe:2.3:a:mplayer:mplayer:1.0_pre3:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre3try2
cpe:2.3:a:mplayer:mplayer:1.0_pre3try2:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.92 Cvs
cpe:2.3:a:mplayer:mplayer:0.92_cvs:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.92
cpe:2.3:a:mplayer:mplayer:0.92:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 0.92.1
cpe:2.3:a:mplayer:mplayer:0.92.1:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: Head Cvs
cpe:2.3:a:mplayer:mplayer:head_cvs:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre4
cpe:2.3:a:mplayer:mplayer:1.0_pre4:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre5try1
cpe:2.3:a:mplayer:mplayer:1.0_pre5try1:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre5try2
cpe:2.3:a:mplayer:mplayer:1.0_pre5try2:*:*:*:*:*:*:*
Matching versions
Mplayer » Mplayer » Version: 1.0 Pre5
cpe:2.3:a:mplayer:mplayer:1.0_pre5:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 0.9.13
cpe:2.3:a:xine:xine:0.9.13:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta1
cpe:2.3:a:xine:xine:1_beta1:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta5
cpe:2.3:a:xine:xine:1_beta5:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta12
cpe:2.3:a:xine:xine:1_beta12:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta2
cpe:2.3:a:xine:xine:1_beta2:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta9
cpe:2.3:a:xine:xine:1_beta9:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc0a
cpe:2.3:a:xine:xine:1_rc0a:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta10
cpe:2.3:a:xine:xine:1_beta10:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta11
cpe:2.3:a:xine:xine:1_beta11:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta7
cpe:2.3:a:xine:xine:1_beta7:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta8
cpe:2.3:a:xine:xine:1_beta8:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta6
cpe:2.3:a:xine:xine:1_beta6:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc3
cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc3a
cpe:2.3:a:xine:xine:1_rc3a:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc3b
cpe:2.3:a:xine:xine:1_rc3b:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta3
cpe:2.3:a:xine:xine:1_beta3:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Beta4
cpe:2.3:a:xine:xine:1_beta4:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc1
cpe:2.3:a:xine:xine:1_rc1:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc2
cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc0
cpe:2.3:a:xine:xine:1_rc0:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc4
cpe:2.3:a:xine:xine:1_rc4:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc5
cpe:2.3:a:xine:xine:1_rc5:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 0.9.8
cpe:2.3:a:xine:xine:0.9.8:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Alpha
cpe:2.3:a:xine:xine:1_alpha:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc7
cpe:2.3:a:xine:xine:1_rc7:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc8
cpe:2.3:a:xine:xine:1_rc8:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 0.9.18
cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc6
cpe:2.3:a:xine:xine:1_rc6:*:*:*:*:*:*:*
Matching versions
Xine » Xine » Version: 1 Rc6a
cpe:2.3:a:xine:xine:1_rc6a:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta1
cpe:2.3:a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta6
cpe:2.3:a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta7
cpe:2.3:a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta2
cpe:2.3:a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta3
cpe:2.3:a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc2
cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc3a
cpe:2.3:a:xine:xine-lib:1_rc3a:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta4
cpe:2.3:a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta5
cpe:2.3:a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc3b
cpe:2.3:a:xine:xine-lib:1_rc3b:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc3c
cpe:2.3:a:xine:xine-lib:1_rc3c:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta10
cpe:2.3:a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta11
cpe:2.3:a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta8
cpe:2.3:a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta9
cpe:2.3:a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 0.9.8
cpe:2.3:a:xine:xine-lib:0.9.8:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 0.99
cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc1
cpe:2.3:a:xine:xine-lib:1_rc1:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc6a
cpe:2.3:a:xine:xine-lib:1_rc6a:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc7
cpe:2.3:a:xine:xine-lib:1_rc7:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 0.9.13
cpe:2.3:a:xine:xine-lib:0.9.13:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Beta12
cpe:2.3:a:xine:xine-lib:1_beta12:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc0
cpe:2.3:a:xine:xine-lib:1_rc0:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc5
cpe:2.3:a:xine:xine-lib:1_rc5:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc6
cpe:2.3:a:xine:xine-lib:1_rc6:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc4
cpe:2.3:a:xine:xine-lib:1_rc4:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Alpha
cpe:2.3:a:xine:xine-lib:1_alpha:*:*:*:*:*:*:*
Matching versions
Xine » Xine-lib » Version: 1 Rc3
cpe:2.3:a:xine:xine-lib:1_rc3:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2004-1187

Exploit prediction scoring system (EPSS) score for CVE-2004-1187

CVSS scores for CVE-2004-1187

References for CVE-2004-1187

Products affected by CVE-2004-1187