Vulnerability Name:

CVE-2005-1195 (CCN-20171)

Assigned:2005-04-16
Published:2005-04-16
Updated:2017-07-11
Summary:Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (2) RealMedia RTSP streams in xine-lib before 1.0, and other products that use xine-lib such as MPlayer 1.0pre6 and earlier, allow remote malicious servers to execute arbitrary code.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2005-1195

Source: CONFIRM
Type: UNKNOWN
http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/librtsp/rtsp.c?r1=1.18&r2=1.19&diff_format=u

Source: CONFIRM
Type: UNKNOWN
http://cvs.sourceforge.net/viewcvs.py/xine/xine-lib/src/input/mms.c?r1=1.55&r2=1.56&diff_format=u

Source: BUGTRAQ
Type: UNKNOWN
20050421 xine security announcement: multiple heap overflows in MMS and Real RTSP streaming clients

Source: CCN
Type: SA15014
MPlayer RTSP and MMST Streams Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: Patch
15014

Source: CCN
Type: SECTRACK ID: 1013771
MPlayer MMST and RTSP Buffer Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1013771

Source: CCN
Type: GLSA-200504-19
MPlayer: Two heap overflow vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200504-19

Source: CCN
Type: MPlayer Web site
2005.04.16, Saturday :: MPlayer 1.0pre7 released

Source: CCN
Type: MPlayer News Document Vuln10
Real RTSP heap overflow

Source: CONFIRM
Type: Patch
http://www.mplayerhq.hu/homepage/design7/news.html#vuln10

Source: CONFIRM
Type: Patch
http://www.mplayerhq.hu/homepage/design7/news.html#vuln11

Source: OSVDB
Type: UNKNOWN
15711

Source: OSVDB
Type: UNKNOWN
15712

Source: CCN
Type: OSVDB ID: 15711
MPlayer Real RTSP Stream Handling Overflow

Source: CCN
Type: OSVDB ID: 15712
MPlayer MMST Stream Handling Overflow

Source: BUGTRAQ
Type: UNKNOWN
20050421 [PLSN-0003] - Remote exploits in MPlayer

Source: CCN
Type: BID-13270
MPlayer RTSP Server Line Response Remote Buffer Overflow Vulnerability

Source: BID
Type: UNKNOWN
13271

Source: CCN
Type: BID-13271
MPlayer MMST Stream ID Remote Buffer Overflow Vulnerability

Source: CCN
Type: TLSA-2005-65
Multiple heap-based buffer overflows

Source: CCN
Type: USN-123-1
Xine library vulnerabilities

Source: XF
Type: UNKNOWN
mplayer-rtsp-stream-bo(20171)

Source: XF
Type: UNKNOWN
mplayer-rtsp-stream-bo(20171)

Source: XF
Type: UNKNOWN
mplayer-mmst-stream-bo(20175)

Source: SUSE
Type: SUSE-SR:2005:012
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2005:013
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mplayer:mplayer:*:*:*:*:*:*:*:* (Version <= 1.0_pre6)
  • OR cpe:/a:xine:xine-lib:1_beta1:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta2:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta3:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta4:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta5:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta6:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta7:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta8:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta9:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta10:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_beta11:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_rc3a:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_rc3b:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine-lib:1_rc3c:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2005-1195 (CCN-20175)

    Assigned:2005-04-16
    Published:2005-04-16
    Updated:2005-04-16
    Summary:MPlayer is vulnerable to a heap-based buffer overflow caused by a vulnerability in the code handling the Microsoft Media Services Stream (MMST). By setting up a malicious server and sending more than 20 streams, a remote attacker could overflow a buffer and execute arbitrary code on the system with privileges of the user running MPlayer.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: GLSA 200504-19
    MPlayer: Two heap overflow vulnerabilities

    Source: MITRE
    Type: CNA
    CVE-2005-1195

    Source: CCN
    Type: SA15014
    MPlayer RTSP and MMST Streams Buffer Overflow Vulnerabilities

    Source: CCN
    Type: SECTRACK ID: 1013771
    MPlayer MMST and RTSP Buffer Overflows Let Remote Users Execute Arbitrary Code

    Source: CCN
    Type: GLSA-200504-19
    MPlayer: Two heap overflow vulnerabilities

    Source: CCN
    Type: MPlayer Web site
    2005.04.16, Saturday :: MPlayer 1.0pre7 released

    Source: CCN
    Type: MPlayer News Document Vuln11
    MMST heap overflow

    Source: CCN
    Type: OSVDB ID: 15711
    MPlayer Real RTSP Stream Handling Overflow

    Source: CCN
    Type: OSVDB ID: 15712
    MPlayer MMST Stream Handling Overflow

    Source: CCN
    Type: BID-13271
    MPlayer MMST Stream ID Remote Buffer Overflow Vulnerability

    Source: CCN
    Type: TLSA-2005-65
    Multiple heap-based buffer overflows

    Source: CCN
    Type: USN-123-1
    Xine library vulnerabilities

    Source: XF
    Type: UNKNOWN
    mplayer-mmst-stream-bo(20175)

    Source: SUSE
    Type: SUSE-SR:2005:012
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2005:013
    SUSE Security Summary Report

    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20051195
    V
    		CVE-2005-1195
    2015-11-16
    BACK
    mplayer mplayer *
    xine xine-lib 1_beta1
    xine xine-lib 1_beta2
    xine xine-lib 1_beta3
    xine xine-lib 1_beta4
    xine xine-lib 1_beta5
    xine xine-lib 1_beta6
    xine xine-lib 1_beta7
    xine xine-lib 1_beta8
    xine xine-lib 1_beta9
    xine xine-lib 1_beta10
    xine xine-lib 1_beta11
    xine xine-lib 1_rc2
    xine xine-lib 1_rc3a
    xine xine-lib 1_rc3b
    xine xine-lib 1_rc3c