5 matches found
EUVD-2019-20171
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...
CVE-2019-25735 AllPlayer 7.4 Local Buffer Overflow via SEH Unicode
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code...
CVE-2019-25595
CVE-2019-25595 affects jetAudio 8.1.7.20702 Basic. The vulnerability is a denial-of-service in the URL input handler: feeding an excessively long string (e.g., a 5000-character buffer) can crash the application. This is a local attack with no user interaction beyond opening the URL dialog. The av...
CVE-2019-25571 MediaMonkey 4.1.23 Denial of Service via Malformed URL
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...
CVE-2019-25571
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a...