GHSA-prm3-j874-4mpgHighCVSS 8.4
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows...
🔗 CVE IDs covered (1)
📋 Description
AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code execution to run arbitrary commands with user privileges.