EUVD-2006-3919

Malware in sbrugna...

InterActual Player IAKey ActiveX control stack buffer overflow

Overview The InterActual Player IAKey ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

InterActual Player IAMCE ActiveX control stack buffer overflow

Overview The InterActual Player IAMCE ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

InterActual Player IAMCE和IAKey控件远程栈溢出漏洞

BUGTRAQ ID: 24919 InterActual是一款DVD播放器。 InterActual播放器的IAMCE（IAMCE.dll）ActiveX控件在处理超过256字节的超长FailURL属性时存在栈溢出漏洞；IAKey（IAKey.dll）ActiveX控件在处理超过900字节的超长URLCode属性时存在另一个栈溢出漏洞，如果用户受骗加载了恶意媒体文件的话，就可能触发这些溢出，导致执行任意指令。 Roxio CinePlayer 3.2 InterActual Technologies InterActual Player 2.60.12.0717 厂商补丁：...

CVE-2007-3829

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

Stack overflow

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

CVE-2007-3829

Multiple stack-based buffer overflows in a InterActual Player 2.60.12.0717 and b Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via a 1 long FailURL attribute in the IAMCE ActiveX Control IAMCE.dll or a 2 long URLCode attribute in the IAKey ActiveX Control IAKey.dll. NOTE:...

CVE-2007-3829

The CVE-2007-3829 issue affects InterActual Player and Roxio CinePlayer due to stack-based buffer overflows in ActiveX controls IAKey (IAKEY.dll) and IAMCE (IAMCE.dll). Vendors describe a remote code execution risk when a user is convinced to view specially crafted HTML (e.g., web page or HTML em...

KLA10222 ACE vulnerabilities in player

A buffer overflow was found in Player. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via specially designed attributes. Original advisories - Related products InterActual-Player Roxio-CinePlayer CVE list CVE-2007-0348...

IASystemInfo.DLL ActiveX控件缓冲区溢出漏洞

InterActual Player用于播放DVD等视频的媒体播放程序，CinePlayer也是功能强大的媒体播放程序。 InterActual Player/CinePlayer包含的ActiveX控件存在缓冲区溢出问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于IASystemInfo.dll ActiveX控件处理"ApplicationType"属性存在边界错误，超长的超过260字节的字符串可触发漏洞，可导致以应用程序进程权限执行任意指令。 Roxio CinePlayer 3.2 InterActual Technologies InterActual...

InterActual Player / CinePlayer ActiveX buffer overflow

Buffer overflow in IASystemInfo.dll ActiveX element...

Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow

====================================================================== Secunia Research 21/03/2007 - InterActual Player / CinePlayer - - IASystemInfo.dll ActiveX Control Buffer Overflow - ====================================================================== Table of Contents Affected...

CVE-2007-0348

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in 1 InterActual Player 2.60.12.0717, 2 Roxio CinePlayer 3.2, 3 WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property...

CVE-2007-0348

CVE-2007-0348 : The IASystemInfo.dll ActiveX control in InterActual Player, Roxio CinePlayer, and WinDVD 7 embeds a stack-based buffer overflow vulnerability that can be triggered by a long ApplicationType property, enabling remote arbitrary code execution. Public references confirm vulnerable co...

CVE-2007-0348

Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in 1 InterActual Player 2.60.12.0717, 2 Roxio CinePlayer 3.2, 3 WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long ApplicationType property...

InterActual Player SyscheckObject ActiveX controls contain stack buffer overflows

Overview InterActual Player provides multiple ActiveX controls that are vulnerable to buffer overflows. This can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems...

InterActual Player ITIRecorder.MicRecorder ActiveX远程缓冲区溢出漏洞

InterActual Player是一款可以使用户播放Shockwave技术和语音识别技术的最新DVD多媒体节目。 InterActual Player ITIRecorder.MicRecorder ActiveX控件存在缓冲区溢出攻击，远程攻击者可以利用漏洞以进程权限执行任意指令。 通过构建恶意页，诱使用户访问来触发，目前没有详细漏洞细节提供。 InterActual Technologies InterActual Player 2.60.12 InterActual Player 2.6已经修正此漏洞：...

CVE-2006-3925

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from thi...

CVE-2006-3925

CVE-2006-3925: A stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control (iarecord.dll) in InterActual Player prior to 2.6 allows remote code execution via a long argument to the Files method. Current sources provide the vulnerability description and CVSS data (base score 6.4, MEDI...

CVE-2006-3925

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from thi...