|Date: (C)2007-09-18 (M)2017-08-01|
|CVSS Score: 9.3||Access Vector: NETWORK|
|Exploitability Subscore: 8.6||Access Complexity: MEDIUM|
|Impact Subscore: 10.0||Authentication: NONE|
| ||Confidentiality: COMPLETE|
| ||Integrity: COMPLETE|
| ||Availability: COMPLETE|
Multiple integer overflows in Media Player Classic (MPC) 18.104.22.168 and earlier, as used standalone and in mympc (aka CD-Storm) 22.214.171.124, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values.