Check CVE Id
Check CWE Id
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.
KMPlayer 126.96.36.199 allows remote attackers to cause a denial of service via a crafted NSV file.
Untrusted search path vulnerability in KMPlayer 188.8.131.52 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.
Heap-based buffer overflow in KMPlayer 184.108.40.2061, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field.
Back to Top