Microsoft Windows Media Player Skin File Handling Overflow

2007-08-14T14:48:58
ID OSVDB:36385
Type osvdb
Reporter Piotr Bania(ania.piotr@gmail.com)
Modified 2007-08-14T14:48:58

Description

Vulnerability Description

A buffer overflow exists in Windows Media Player 11. The player fails to handle the space allocated for uncompressing a compressed skin file resulting in a heap overflow. With a specially crafted file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Solution Description

Microsoft Corporation has released a patch to address this vulnerability.

Short Description

A buffer overflow exists in Windows Media Player 11. The player fails to handle the space allocated for uncompressing a compressed skin file resulting in a heap overflow. With a specially crafted file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

References:

Security Tracker: 1018565 Secunia Advisory ID:26433 Related OSVDB ID: 36386 Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-046.html OVAL ID: 2207 News Article: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9030696 Microsoft Security Bulletin: MS07-047 Microsoft Knowledge Base Article: 936782 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0216.html Keyword: aka "Windows Media Player Code Execution Vulnerability Parsing Skins" FrSIRT Advisory: ADV-2007-2871 CVE-2007-3037 Bugtraq ID: 25305