CVE-2019-25604

HIGH 8.4

DVDXPlayer Pro 5.5 Local Buffer Overflow with SEH

CVSS Score

8.4

EPSS Score

0.0%

EPSS Percentile

0th

DVDXPlayer Pro 5.5 contains a local buffer overflow vulnerability with structured exception handling that allows local attackers to execute arbitrary code by crafting malicious playlist files. Attackers can create a specially crafted .plf file containing shellcode and NOP sleds that overflows a buffer and hijacks the SEH chain to execute arbitrary code with application privileges.

CWE	CWE-787
Vendor	dvd-x-player
Product	dvdxplayer
Published	Mar 22, 2026
Last Updated	Mar 23, 2026

Stay Ahead of the Next One

Get instant alerts for dvd-x-player dvdxplayer

Be the first to know when new high vulnerabilities affecting dvd-x-player dvdxplayer are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Dvd-X-Player / DVDXPlayer

5.5 Pro

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/46962 dvd-x-player.com: http://www.dvd-x-player.com/download.html#dvdPlayer vulncheck.com: https://www.vulncheck.com/advisories/dvdxplayer-pro-local-buffer-overflow-with-seh

Credits

Kevin Randall