|
Test ID: | 1.3.6.1.4.1.25623.1.0.900597 |
Category: | Buffer overflow |
Title: | TFM MMPlayer '.m3u' Buffer Overflow Vulnerability - July-09 |
Summary: | Check for the Version of TFM MMPlayer |
Description: | Description: Overview: This host is installed with TFM MMPlayer and is prone to stack based Buffer Overflow bulnerability. Vulnerability Insight: This flaw is due to improper bounds checking when processing '.m3u' files and can be exploited via crafted '.m3u' playlist file containing an overly long string. Impact: Successful exploitation allows the attacker to execute arbitrary code on the system or cause the application to crash. Impact Level: Application Affected Software/OS: TFM MMPlayer version 2.0 to 2.2.0.30 on Windows. Fix: No solution or patch is available as of th 24th July, 2009. Information regarding this issue will be updated once the solution details are available. For updates refer to http://www.tfm.ro/mmplayer/top.html References: http://secunia.com/advisories/35605 http://www.milw0rm.com/exploits/9047 http://xforce.iss.net/xforce/xfdb/51442 CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2566 http://www.exploit-db.com/exploits/9047 http://secunia.com/advisories/35605 XForce ISS Database: mmplayer-m3u-bo(51442) https://exchange.xforce.ibmcloud.com/vulnerabilities/51442 |
Copyright | Copyright (C) 2009 SecPod |
This is only one of 58962 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|