CVE-2018-5200

Summary

KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution.

Affected Software

VendorProductVersion RangeStatus
Pandora.tvKMPlayerKMPlayer <= 4.2.2.15affected

Weaknesses

  • Heap based overflow

ADP Enrichment

CVE Program Container

Additional References

References