Vulnerabilities > CVE-2018-16797 - Out-of-bounds Write vulnerability in Kakaocorp Potplayer 1.7.8556

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
kakaocorp
CWE-787

Summary

A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value.

Vulnerable Configurations

Part Description Count
Application
Kakaocorp
1

Common Weakness Enumeration (CWE)