EUVD-2006-3919

Malware in sbrugna...

InterActual Player IAKey ActiveX control stack buffer overflow

Overview The InterActual Player IAKey ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

InterActual Player IAMCE ActiveX control stack buffer overflow

Overview The InterActual Player IAMCE ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

InterActual Player IAMCE和IAKey控件远程栈溢出漏洞

BUGTRAQ ID: 24919 InterActual是一款DVD播放器。 InterActual播放器的IAMCE（IAMCE.dll）ActiveX控件在处理超过256字节的超长FailURL属性时存在栈溢出漏洞；IAKey（IAKey.dll）ActiveX控件在处理超过900字节的超长URLCode属性时存在另一个栈溢出漏洞，如果用户受骗加载了恶意媒体文件的话，就可能触发这些溢出，导致执行任意指令。 Roxio CinePlayer 3.2 InterActual Technologies InterActual Player 2.60.12.0717 厂商补丁：...

Stack overflow

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

CVE-2007-3829

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

CVE-2007-3829

The CVE-2007-3829 issue affects InterActual Player and Roxio CinePlayer due to stack-based buffer overflows in ActiveX controls IAKey (IAKEY.dll) and IAMCE (IAMCE.dll). Vendors describe a remote code execution risk when a user is convinced to view specially crafted HTML (e.g., web page or HTML em...

CVE-2007-3829

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

KLA10222 ACE vulnerabilities in player

A buffer overflow was found in Player. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via specially designed attributes. Original advisories - Related products InterActual-Player Roxio-CinePlayer CVE list CVE-2007-0348...

IASystemInfo.DLL ActiveX控件缓冲区溢出漏洞

InterActual Player用于播放DVD等视频的媒体播放程序，CinePlayer也是功能强大的媒体播放程序。 InterActual Player/CinePlayer包含的ActiveX控件存在缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于IASystemInfo.dll ActiveX控件处理"ApplicationType"属性存在边界错误，超长的超过260字节的字符串可触发漏洞，可导致以应用程序进程权限执行任意指令。 Roxio CinePlayer 3.2 InterActual Technologies InterActual...

InterActual Player / CinePlayer ActiveX buffer overflow

Buffer overflow in IASystemInfo.dll ActiveX element...

Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow

====================================================================== Secunia Research 21/03/2007 - InterActual Player / CinePlayer - - IASystemInfo.dll ActiveX Control Buffer Overflow - ====================================================================== Table of Contents Affected...

CVE-2007-0348

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in 1 InterActual Player 2.60.12.0717, 2 Roxio CinePlayer 3.2, 3 WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property...

CVE-2007-0348

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in 1 InterActual Player 2.60.12.0717, 2 Roxio CinePlayer 3.2, 3 WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property...

CVE-2007-0348

CVE-2007-0348 : The IASystemInfo.dll ActiveX control in InterActual Player, Roxio CinePlayer, and WinDVD 7 embeds a stack-based buffer overflow vulnerability that can be triggered by a long ApplicationType property, enabling remote arbitrary code execution. Public references confirm vulnerable co...

InterActual Player SyscheckObject ActiveX controls contain stack buffer overflows

Overview InterActual Player provides multiple ActiveX controls that are vulnerable to buffer overflows. This can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems...

InterActual Player ITIRecorder.MicRecorder ActiveX远程缓冲区溢出漏洞

InterActual Player是一款可以使用户播放Shockwave技术和语音识别技术的最新DVD多媒体节目。 InterActual Player ITIRecorder.MicRecorder ActiveX控件存在缓冲区溢出攻击，远程攻击者可以利用漏洞以进程权限执行任意指令。 通过构建恶意页，诱使用户访问来触发，目前没有详细漏洞细节提供。 InterActual Technologies InterActual Player 2.60.12 InterActual Player 2.6已经修正此漏洞：...

CVE-2006-3925

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from thi...

CVE-2006-3925

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from thi...

CVE-2006-3925

CVE-2006-3925: A stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control (iarecord.dll) in InterActual Player prior to 2.6 allows remote code execution via a long argument to the Files method. Current sources provide the vulnerability description and CVSS data (base score 6.4, MEDI...