GHSA-prm3-j874-4mpgHighCVSS 8.4

AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows...

Published
June 4, 2026
Last Modified
June 4, 2026

🔗 CVE IDs covered (1)

📋 Description

AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code execution to run arbitrary commands with user privileges.

🔗 References (6)