|Title:||PIPI Player PIPIWebPlayer ActiveX Control Buffer Overflow Vulnerability|
|Summary:||Check for the version of PIPI Player|
Overview: This host is installed with PIPI Player and is prone to buffer
The flaw is due to an error when processing the 'PlayURL()' and
'PlayURLWithLocalPlayer()' methods. This can be exploited to cause a
stack-based buffer overflow via an overly long string passed to the methods.
Successful exploitation will allow remote attackers to execute arbitrary
code in the context of the application.
Impact Level: Application.
PIPI Player version 220.127.116.11
Fix: No solution or patch is available as of 28th Febraury, 2011. Information
regarding this issue will update once the solution details are available.
For updates refer to http://pipi.cn/down/index.html
BugTraq ID: 46468|
Common Vulnerability Exposure (CVE) ID: CVE-2011-1065
XForce ISS Database: pipiplayer-activex-control-bo(65537)
|Copyright||Copyright (C) 2011 SecPod|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.