PT-2009-2929 · Effectmatrix · Effectmatrix Total Video Player

His0K4

Published

2009-01-23

Updated

2017-09-29

CVE-2009-0261

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EffectMatrix Total Video Player version 1.31

Description The issue is a stack-based buffer overflow that allows attackers to execute arbitrary code. This is achieved through a SkinsDefaultSkinDefaultSkin.ini file with a large ColumnHeaderSpan value.

Recommendations For EffectMatrix Total Video Player version 1.31, consider updating to a newer version that addresses this issue, if available. As a temporary workaround, restrict access to the SkinsDefaultSkinDefaultSkin.ini file to minimize the risk of exploitation. Avoid using large ColumnHeaderSpan values in the DefaultSkin.ini file until the issue is resolved.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2009-0261

Affected Products

Effectmatrix Total Video Player

PT-2009-2929 · Effectmatrix · Effectmatrix Total Video Player

CVE-2009-0261

Weakness Enumeration

Related Identifiers

Affected Products

References · 4