PT-2019-19377 · Pandoratv · Mplayer
Published
2019-04-09
·
Updated
2021-11-03
·
CVE-2019-9133
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
KMPlayer versions 2018.12.24.14 and earlier
Description
The issue arises when processing subtitles format media files, where the software fails to correctly check object size, leading to an integer underflow and subsequently to memory out-of-bound read/write. An attacker can exploit this by enticing a user to open a malicious file.
Recommendations
For KMPlayer versions 2018.12.24.14 and earlier, update to a version higher than 2018.12.24.14 to resolve the issue.
Fix
Integer Underflow
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mplayer