PT-2007-6844 · Viewpoint · Viewpoint Media Player

Shinnai

Publicado

2007-11-10

Atualizado

2017-09-29

CVE-2007-5911

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Viewpoint Media Player version 3.2

Description The issue is related to multiple stack-based buffer overflows in the AxMetaStream ActiveX control. Remote attackers can execute arbitrary code via a long string argument to various methods, including BroadcastKey, BroadcastKeyFileURL, Component, ComponentClassID, ComponentFileName, ExtraProperty, Properties, RequiredVersions, Source, or XMLText.

Recommendations For Viewpoint Media Player version 3.2, consider disabling the AxMetaStream ActiveX control until a patch is available to prevent exploitation of the buffer overflows in the BroadcastKey, BroadcastKeyFileURL, Component, ComponentClassID, ComponentFileName, ExtraProperty, Properties, RequiredVersions, Source, or XMLText methods.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2007-5911

Produtos afetados

Viewpoint Media Player

PT-2007-6844 · Viewpoint · Viewpoint Media Player

CVE-2007-5911

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6