PT-2019-19377 · Pandoratv · Mplayer

Publicado

2019-04-09

Atualizado

2021-11-03

CVE-2019-9133

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions KMPlayer versions 2018.12.24.14 and earlier

Description The issue arises when processing subtitles format media files, where the software fails to correctly check object size, leading to an integer underflow and subsequently to memory out-of-bound read/write. An attacker can exploit this by enticing a user to open a malicious file.

Recommendations For KMPlayer versions 2018.12.24.14 and earlier, update to a version higher than 2018.12.24.14 to resolve the issue.

Correção

Integer Underflow

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-191CWE-190

Identificadores relacionados

CVE-2019-9133

Produtos afetados

Mplayer

PT-2019-19377 · Pandoratv · Mplayer

CVE-2019-9133

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5