BID:23991

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Info

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Bugtraq ID:	23991
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2007-2723
Remote:	Yes
Local:	No
Published:	May 15 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	Michal Bucko is credited with the discovery of this vulnerability.
Vulnerable:

Not Vulnerable:

Discussion

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Media Player Classic is prone to a denial-of-service vulnerability when processing a malformed MPA file.

A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects Media Player Classic 6.4.9.0; other versions may also be affected.

Exploit / POC

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

References:

Vendor Homepage (Gabest.org) (guliverkli)
Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability (Michal Bucko)