Windows Media Player PNG buffer overflow

2006-06-16T00:00:00
ID SAINT:22F8CEA2C48CD689DD2D73E95291BF89
Type saint
Reporter SAINT Corporation
Modified 2006-06-16T00:00:00

Description

Added: 06/16/2006
CVE: CVE-2006-0025
BID: 18385
OSVDB: 26430

Background

Windows Media Player is an audio and video media player for Windows platforms.

Problem

A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 06-024.

References

<http://www.kb.cert.org/vuls/id/608020>
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=406>

Limitations

Successful exploitation requires a user to download a PNG file and open it in Windows Media Player.

Execution of this exploit requires the Digest::CRC PERL module. On Linux systems this is typically found in a package named such as libdigest-crc-perl or perl-Digest-CRC.

Platforms

Windows 2000