| CVE-2007-2723 | Med | 0.36 | 5.5 | 0.01 | | May 16, 2007 | Media Player Classic 6.4.9.0 allows user-assisted remote attackers to cause a denial of service (web browser crash) via an "empty" .MPA file, which triggers a divide-by-zero error. |
| CVE-2007-4939 | | 0.05 | — | 0.24 | | Sep 18, 2007 | Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values. |
| CVE-2006-7222 | | 0.05 | — | 0.23 | | Aug 28, 2007 | Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to execute arbitrary code via a crafted FLI file. |
| CVE-2009-3201 | | 0.04 | — | 0.06 | | Sep 15, 2009 | Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940. |
| CVE-2007-6402 | | 0.03 | — | 0.06 | | Dec 17, 2007 | Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6401. |
| CVE-2007-4940 | | 0.00 | — | 0.03 | | Sep 18, 2007 | Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values. |
| CVE-2007-4884 | | 0.00 | — | 0.01 | | Sep 14, 2007 | Media Player Classic (MPC) allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. |
| CVE-2007-3663 | | 0.00 | — | 0.02 | | Jul 10, 2007 | Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted MPA file. |
| CVE-2007-3662 | | 0.00 | — | 0.03 | | Jul 10, 2007 | Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FLV file. |
