MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially…
VulnCheck·CWE-226·Published 2026-03-21
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to crash the application by opening a specially crafted MP3 file containing an excessively long URL string. Attackers can create a malicious MP3 file with a buffer containing 4000 bytes of data appended to a URL, which causes the application to crash when the file is opened through the File > Open URL dialog.
MediaMonkey 4.1.23 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales colapsar la aplicación al abrir un archivo MP3 especialmente diseñado que contiene una cadena de URL excesivamente larga. Los atacantes pueden crear un archivo MP3 malicioso con un búfer que contiene 4000 bytes de datos adjuntos a una URL, lo que hace que la aplicación colapse cuando el archivo se abre a través del diálogo Archivo > Abrir URL.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 6.2 | — | — | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | Primary | cve.org | 6.2 | — | — | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | Primary | NVD | 5.5 | 1.8 | 3.6 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | Secondary | NVD | 6.2 | 2.5 | 3.6 | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 4.0 | Primary | cve.org | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
| 4.0 | Primary | cve.org | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
| 4.0 | Secondary | NVD | 6.9 | — | — | CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |