3ivx MPEG-4基于堆栈的缓冲区溢出漏洞

BUGTRAQ ID: 26773 3ivx MPEG-4是一款MPEG-4编码工具。 3ivx MPEG-4处理MP4文件存在缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 构建特殊的MP4文件，诱使用户使用3ivx MPEG-4打开，可导致触发基于堆栈的缓冲区溢出，可导致以应用程序进程权限执行任意指令。 此漏洞原来描述影响windows media player，但是现在更新报告为问题影响在3ivx MPEG-4内。 3ivx MPEG-4 5.0.1 目前没有详细解决方案提供： http://www.3ivx.com/ !/bin/perl Windows...

Windows Media Player 6.4 MP4 File Stack Overflow PoC

No description provided by source. !/bin/perl Windows media player 6.4 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe...

3ivx MP4 codec buffer overflow

Buffer overflow on MP4 tags parsing...

Media Player Classic 6.4.9 MP4 File Stack Overflow Exploit

No description provided by source. !/bin/perl Media Player Classic 6.4.9 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe...

Microsoft Windows Media Player 6.4 - .MP4 File Stack Overflow

Microsoft Windows Media Player 6.4 - .MP4 File Stack Overflow !/bin/perl Windows media player 6.4 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content:...

wmp-overflow.txt

!/bin/perl Windows media player 6.4 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe - open the MP4 file with mplayer2.exe SYS 49152...

Media Player Classic 6.4.9 - .MP4 File Stack Overflow

Media Player Classic 6.4.9 - .MP4 File Stack Overflow !/bin/perl Media Player Classic 6.4.9 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content:...

Media Player Classic 6.4.9 - '.MP4' File Stack Overflow

!/bin/perl Media Player Classic 6.4.9 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe - open the MP4 file with mplayerc.exe SYS 49152...

Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow

!/bin/perl Windows media player 6.4 MP4 Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Shell on port 49152 usage: - download this codec in order to manage MP4 content: http://www.3ivx.com/coral/3ivxd4451win.exe - open the MP4 file with mplayer2.exe SYS 49152...

Heap overflow

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

Double free

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

Design/Logic Flaw

Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...

CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

CVE-2007-6278

Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag -- for the FLAC image file in a crafted .FLAC file...

CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large 1 Metadata Block Size, 2 VORBIS Comment String Size, 3 Picture Metadata MIME-TYPE Size, 4 Picture Description Size, 5 Picture Data Length, 6...

CVE-2007-6277

The CVE-2007-6277 entry covers multiple heap- and stack-based overflow vulnerabilities in the FLAC library (libFLAC) prior to 1.2.1 that could allow remote code execution when processing specially crafted FLAC files. Connected advisories confirm concrete details: several overflow vectors (heap/st...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

CVE-2007-6279

The vulnerability is in the Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, where multiple double-free flaws affect parsing .FLAC files. Specifically, malformed Seektable values or Seektable Data Offsets can allow user‑assisted remote attackers to execute arbitrary code. Practical impact i...

CVE-2007-6279

Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...

Apple QuickTime 7.2/7.3 RTSP Response Universal Exploit (IE7/FF/Opera)

No description provided by source. !/usr/bin/python http://www.offensive-security.com Bug discovered by Krystian Kloskowski h07 [email protected] Tested on: Apple QuickTime Player 7.3 / 7.2 IE7,FF /Opera, XP SP2, Vista...