524 matches found
MOAB-27-01-2007: Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability
Summary The vendor Telestream provides the following description of the software: Flip4Mac™ WMV is a collection of QuickTime components that allow you to play, import, and export Windows Media video and audio files on your Mac using your favorite QuickTime-based applications. WMV files use the...
Microsoft Windows Media Format ASF Parsing Buffer Overflow (MS06-078; CVE-2006-4702)
Advanced Streaming Format (ASF) is a proprietary streaming format developed by Microsoft that defines the structure of complex, synchronized object data streams and provides streaming media services for the Windows Media framework. It is used for multimedia data including audio, video, still images...
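Microsoft Windows Media Format Runtime Library Remote Arbitrary Code Execution Vulnerability (MS06-078)
Microsoft Windows is a very popular operating system released by Microsoft. The Windows Media Format runtime library contains vulnerabilities in its handling of ASF and ASX files with malformed content, which a remote attacker may exploit to take complete control of the user's machine. If a user browses a maliciously crafted website or is tricked into opening an e-mail containing malicious content, a remote attacker may execute arbitrary instructions on the user's machine. Microsoft Windows Media Player 6.4 Microsoft Windows Media Format 9.5 Series Runtime x64 Edition Microsoft Windows Media Format 7.1 - 9.5...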
Microsoft Windows Media Format Runtime buffer overflow
Buffer overflows on parsing ASF (.ASF, .WMV, .WMA) and ASX files...
Debian DSA-1081-1 : libextractor - buffer overflow
Luigi Auriemma discovered a buffer overflow in the processing of ASF files in libextractor, a library to extract arbitrary meta-data from files, which can lead to the execution of arbitrary code.
DSA-1081-1 libextractor - buffer overflow
Bulletin has no description...
GLSA-200605-14 : libextractor: Two heap-based buffer overflows
The remote host is affected by the vulnerability described in GLSA-200605-14 (libextractor: Two heap-based buffer overflows). Luigi Auriemma has found two heap-based buffer overflows in libextractor 0.5.13 and earlier: one of them occurs in the asf_read_header function in the ASF plugin, and the other...
CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
PYSEC-2006-4
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
Heap overflow
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
CVE-2006-2458
CVE-2006-2458: Libextractor (up to 0.5.13) contains two heap-based buffer overflows—one in the ASF plugin (asf_read_header) and one in the QT plugin (parse_trak_atom)—allowing remote code execution. Connected advisories corroborate vulnerable versions and indicate a fix was released (e.g., Debian...
CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
libextractor buffer overflow
Heap memory overflow on ASF streams and QuickTime parsing...
FreeBSD : mplayer -- heap overflow in the ASF demuxer (104beb63-af4d-11da-8414-0013d4a4a40e)
The Mplayer team reports: A potential buffer overflow was found in the ASF demuxer. Arbitrary remote code execution is possible under the user ID running the player when streaming an ASF file from a malicious server or local code execution under the user ID running the player if a malicious ASF...
CVE-2006-1547
CVE-2006-1547 affects Apache Struts 1.x before 1.2.9 when used with BeanUtils 1.7. The vulnerability arises from ActionForm handling a multipart/form-data form where a parameter name references getMultipartRequestHandler, granting access to elements in CommonsMultipartRequestHandler and BeanUtils...
CVE-2006-1548
CVE-2006-1548 is an XSS vulnerability in Apache Struts prior to 1.2.9. The flaw allows remote attackers to inject arbitrary script/HTML via the request parameter name in LookUpDispatchAction, and possibly DispatchAction and ActionDispatcher, with the error message not filtering the input. Connect...
CVE-2006-1502
Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asfdescrambling function to be passed a negative integer after the conversion from a char t...
CVE-2006-1502
Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asfdescrambling function to be passed a negative integer after the conversion from a char t...