Published: 09/04/2019 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kmplayer kmplayer
fedoraproject fedora 29
fedoraproject fedora 30

A collection of links related to Korean products hacking

Awesome Korean Products Hacking A collection of links related to Korean products hacking Pull requests are welcome :) ipTIME 2023: (KVE-2023-0133) ipTIME AX2004M pre-auth remote code execution by babamba 2018: iptime 10002 preauth vulnerability by jinmo123 2015: 127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request by Pierre Kim 201

CWE-191 https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=34991 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4D55BLGBNWNIMNI5N57WDPAFQCUIM6XX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VT5HBIKH64YRZFFAPXGOTHIQJHSTQJF7/https://nvd.nist.gov https://github.com/kaist-hacking/awesome-korean-products-hacking

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-9133

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect