cbcvebase.
CVE-2007-4940
published 2007-09-18

CVE-2007-4940: Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and…

PriorityP430critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
4.37%
90.1th percentile
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values.

Affected

4 ranges
VendorProductVersion rangeFixed in
guliverklimedia_player_classic<= 6.4.9.0
mympccd-storm
rob_schultzmedia_player_classic
verycdstormplayer
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.