Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
BID:25529
Info
Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 25529 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4722 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 04 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | Parvez Anwar is credited with discovering these vulnerabilities. |
| Vulnerable: |
Move Networks Move Media Player 1.0 .1 |
| Not Vulnerable: | |
Discussion
Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
Move Media Player is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
These issues affect Move Media Player 1.0.0.1; other versions may also be vulnerable.
Move Media Player is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers.
Exploiting these issues allows remote attackers to execute arbitrary code in the context of applications using the affected ActiveX control (typically Internet Explorer) and to compromise affected computers. Failed attempts will likely result in denial-of-service conditions.
These issues affect Move Media Player 1.0.0.1; other versions may also be vulnerable.
Exploit / POC
Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
An attacker can exploit these issues by enticing an unsuspecting to view a malicious HTML page.
The following exploit code is available:
An attacker can exploit these issues by enticing an unsuspecting to view a malicious HTML page.
The following exploit code is available:
Solution / Fix
Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
Solution:
Reports indicate that 'qsp2ie07074039.dll' (signed September 18, 2007) addresses this issue, but this has not been confirmed. Please contact the vendor for more information.
Solution:
Reports indicate that 'qsp2ie07074039.dll' (signed September 18, 2007) addresses this issue, but this has not been confirmed. Please contact the vendor for more information.
References
Move Media Player Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities
References:
References:
- Microsoft Knowledge Base Article 240797 (Microsoft)
- Move Networks Homepage (Move Networks)
- Move Networks Upgrade Manager QMPUpgrade.dll Buffer Overflow (Elazar Broad
) - Vulnerability Note VU#298345 Move Networks Quantum Streaming Player ActiveX stac (US-CERT)