CVE-2019-25735
AllPlayer 7.4 Local Buffer Overflow via Malicious URL
Publication date: 2026-06-04
Last updated on: 2026-06-04
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| allplayer | allplayer | 7.4 |
| allplayer | allplayer | up to and including 7.4 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability in AllPlayer 7.4 allows local attackers to execute arbitrary code with user privileges by exploiting a buffer overflow in URL handling. This can lead to unauthorized access or control over the affected system.
Such unauthorized code execution and potential system compromise could impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal data and secure system operation to prevent data breaches.
However, the provided information does not explicitly discuss the direct impact of this vulnerability on compliance with these or other common standards and regulations.
Can you explain this vulnerability to me?
AllPlayer version 7.4 contains a local buffer overflow vulnerability in its URL handling mechanism. This flaw allows attackers to overwrite structured exception handling (SEH) pointers by supplying an excessively long URL string. By crafting a malicious URL and pasting it into the Open URL dialog, an attacker can trigger SEH-based code execution, enabling them to run arbitrary commands with the privileges of the logged-in user.
This vulnerability is classified under CWE-120, which involves buffer copy operations that do not properly check input size, leading to classic buffer overflow conditions.
How can this vulnerability impact me?
Exploiting this vulnerability allows an attacker to execute arbitrary commands on the affected system with the same privileges as the logged-in user. This can lead to unauthorized actions such as installing malware, stealing data, or modifying system settings.
Because the attack requires user interaction (pasting a malicious URL into the Open URL dialog), it is a local exploit but can still result in significant compromise of the user's system security.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a local buffer overflow in AllPlayer 7.4 triggered by supplying an excessively long URL string via the Open URL dialog. Detection involves monitoring for crashes or abnormal behavior in AllPlayer when opening URLs.
Since the exploit requires user interaction to paste a malicious URL into the Open URL dialog, network detection is limited. However, you can check for the presence of AllPlayer version 7.4 on your systems.
- On Windows, use the command: `wmic product where "name like '%AllPlayer%'" get name, version`
- Check running processes for AllPlayer: `tasklist /FI "IMAGENAME eq AllPlayer.exe"`
- Monitor application crash logs or Windows Event Viewer for crashes related to AllPlayer.exe, which may indicate exploitation attempts.
No specific network commands or signatures are provided for detecting exploitation attempts, as the attack vector is local and requires user interaction.
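The three checks above combined into one PowerShell script, added here as an example and not part of the original advisory. It reads the uninstall registry keys rather than `wmic product`, which lists only software installed through Windows Installer; the `*AllPlayer*` display name, a dotted `DisplayVersion` and the 30-day crash window are assumptions.

```powershell
# Added example, not from the advisory. Assumptions: the installer registers a
# DisplayName containing "AllPlayer" and a dotted DisplayVersion; the 30-day
# crash window is arbitrary. The image name AllPlayer.exe is taken from the page.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# 1. Installed copies, flagged against the affected range (up to and including 7.4).
$installs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*AllPlayer*' } |
    ForEach-Object {
        $v = $null
        $parsed = [version]::TryParse([string]$_.DisplayVersion, [ref]$v)
        # Compare major.minor only so that 7.4.0.0 or 7.4.1 still counts as 7.4.
        # An unparsable version is reported as 'unknown', never as safe.
        $affected = if (-not $parsed) { 'unknown' } else {
            $v.Major -lt 7 -or ($v.Major -eq 7 -and $v.Minor -le 4)
        }
        [pscustomobject]@{
            Name = $_.DisplayName; Version = $_.DisplayVersion
            Affected = $affected; KeyPath = $_.PSPath
        }
    }

# 2. Copies running right now.
$running = Get-Process -Name 'AllPlayer' -ErrorAction SilentlyContinue |
    Select-Object Id, Path, StartTime

# 3. Application Error (event ID 1000) records that name AllPlayer.exe.
$crashes = Get-WinEvent -FilterHashtable @{
    LogName = 'Application'; ProviderName = 'Application Error'; Id = 1000
    StartTime = (Get-Date).AddDays(-30)
} -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like '*AllPlayer.exe*' } |
    Select-Object TimeCreated, MachineName,
        @{ n = 'Detail'; e = { ($_.Message -split "`r?`n")[0..2] -join ' ' } }

$installs | Format-Table -AutoSize
$running  | Format-Table -AutoSize
$crashes  | Format-List
```

A crash record shows only that AllPlayer.exe faulted, not why, so treat it as a lead to correlate with the installed version and what the user was opening at the time.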
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately upgrade AllPlayer to a version later than 7.4, as the vulnerability affects all versions up to and including 7.4.
Avoid opening untrusted or suspicious URLs in the Open URL dialog of AllPlayer.
Restrict user privileges to limit the impact of potential exploitation, since the vulnerability allows code execution with user privileges.
Monitor for application crashes and unusual behavior in AllPlayer and consider disabling or uninstalling the software if an immediate update is not available.