CVE-2023-1745 Vulnerability Details

  /     /     /  

CVE-2023-1745 Metadata Quick Info

CVE Published: 30/03/2023 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: VulDB | Vendor: n/a | Product: KMPlayer
Status : PUBLISHED

---

CVE-2023-1745 Description

A vulnerability, which was classified as problematic, has been found in KMPlayer 4.2.2.73. This issue affects some unknown processing in the library SHFOLDER.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224633 was assigned to this vulnerability.

Metrics

CVSS Version: 3.1 | Base Score: 5.3 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-427
CWE Name: CWE-427 Uncontrolled Search Path
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).