Published: 18/09/2007 Updated: 15/10/2018

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 715

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

KMPlayer 2.9.3.1210 and previous versions allows remote malicious users to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kde kmplayer

source: wwwsecurityfocuscom/bid/25651/info KMPlayer is prone to multiple denial-of-service vulnerabilities when handling malformed AVI media files Successfully exploiting this issue allows remote attackers to deny service to legitimate users These issues affect KMPlayer 2931210; other versions may also be vulnerable new_avihead_ ...

CWE-399 http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt http://www.securityfocus.com/bid/25651 http://securityreason.com/securityalert/3144 http://osvdb.org/45939 https://exchange.xforce.ibmcloud.com/vulnerabilities/36585 http://www.securityfocus.com/archive/1/479222/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30580/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-4941

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect