KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee.
Max CVSS
7.8
EPSS Score
0.05%
Published
2019-10-08
Updated
2019-10-10
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.
Max CVSS
7.8
EPSS Score
0.12%
Published
2019-04-09
Updated
2021-11-03
KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file.
Max CVSS
5.5
EPSS Score
0.32%
Published
2017-11-28
Updated
2017-12-14
Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.
Max CVSS
9.3
EPSS Score
0.10%
Published
2012-07-03
Updated
2017-08-29
Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field.
Max CVSS
9.3
EPSS Score
5.46%
Published
2011-09-02
Updated
2017-08-29
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!