A vulnerability has been discovered in KMPlayer, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when processing MP3 files
and can be exploited to cause a stack-based buffer overflow via a
specially crafted file.
Successful exploitation allows execution of arbitrary code, but
requires tricking a user into opening a malicious MP3 file.
The vulnerability is confirmed in version 220.127.116.110. Other versions
may also be affected.
Do not open MP3 files from untrusted sources.
SECUNIA ADVISORY ID: