PT-2011-5161 · Tencent · Qqplayer

Hellok

Published

2011-12-25

Updated

2012-02-17

CVE-2011-5006

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions QQPlayer version 3.2.845

Description A stack-based buffer overflow issue allows remote attackers to execute arbitrary code via a crafted PnSize value in a MOV file.

Recommendations For QQPlayer version 3.2.845, update to a newer version that contains a fix for this issue.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2011-5006

Qqplayer