Buffer overflow in Quintessential Player 4.50.1.82 and previous versions allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quinnware quintessential_player |