DEBIAN-CVE-2008-0486

Advisory lineage Upstream: 1 Downstream: 3

Upstream

CVE-2008-0486

Downstream

DSA-1496-1 DSA-1536-1 DTSA-114-1

Published: 05 Feb 2008, 12:00

Last modified:28 Apr 2026, 20:10

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Feb 2008, 12:00

Published

Vulnerability first disclosed

28 Apr 2026, 20:10

Last Modified

Vulnerability information updated

Description

Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.

Affected Systems

debian•mplayer
< 1.0~rc2-8 | < 1.0~rc2-8 | < 1.0~rc2-8 | < 1.0~rc2-8

References (1)

https://security-tracker.debian.org/tracker/CVE-2008-0486