CVE-2007-4941

Published: Sep 18, 2007Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values.

Affected (1)

Products: Kde: Kmplayer

Kde

1 product

Kmplayer

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kde Kmplayer	Up to 2.9.3.1210

Related CWEs

CWE-399

References (12)

http://osvdb.org/45939

Source: cve@mitre.org

http://securityreason.com/securityalert/3144

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/479222/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/25651

Source: cve@mitre.org

Exploit

http://www.vulnhunt.com/advisories/CAL-20070912-1_Multiple_vendor_produce_handling_AVI_file_vulnerabilities.txt

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/36585

Source: cve@mitre.org

http://osvdb.org/45939