Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and previous versions, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
guliverkli media player classic |
||
mympc cd-storm 1.0.0.1 |
||
verycd stormplayer 1.0.4 |