Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and previous versions, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mympc cd-storm 1.0.0.1 |
||
verycd stormplayer 1.0.4 |
||
guliverkli media player classic |