MidnightBSD

Advisories for mpc-hc

CVE-2007-2723 HIGH

Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-369,

Products Affected

Vendor Product Version
mpc-hc media_player_classic 6.4.9.0
CVE-2013-3488 MEDIUM

Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
mpc-hc mpc-hc *
CVE-2013-3489 MEDIUM

Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
mpc-hc mpc-hc *
CVE-2019-17260 MEDIUM

MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data Move starting at mpc_hc!memcpy+0x000000000000004e.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
mpc-hc mpc-hc *