o KMPlayer has a integer underflow vulnerability. This results in a memory corruption and denial of service.
o When processing subtitles format media file, KMPlayer doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.
□ Affected Product
2018.12.24.14 and prior
o Update to patched release version(2019.03.28.01)