Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MediaMonkey 4.1.23 Denial of Service via Malformed URL
Vulnerability Description
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
在释放前未清除敏感信息
Vulnerability Title
Ventis MediaMonkey 安全漏洞
Vulnerability Description
Ventis MediaMonkey是捷克Ventis公司的一款多功能音乐播放器软件。 Ventis MediaMonkey 4.1.23版本存在安全漏洞,该漏洞源于打开特制MP3文件时存在缓冲区溢出,可能导致本地攻击者通过包含超长URL字符串的文件使应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A