Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
BID:26236
Info
Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 26236 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-5779 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 29 2007 12:00AM |
| Updated: | Sep 17 2008 06:10PM |
| Credit: | rgod is credited with the discovery of this vulnerability. |
| Vulnerable: |
GRETECH CORP. GOM Player 2.1.6 3499 |
| Not Vulnerable: | |
Discussion
Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
GOM Player is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
This issue affects GOM Player 2.1.6.3499; other versions may also be vulnerable.
GOM Player is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Successfully exploiting this issue will allow an attacker to execute arbitrary code within the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in a denial-of-service condition.
This issue affects GOM Player 2.1.6.3499; other versions may also be vulnerable.
Exploit / POC
Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
An attacker can exploit this issue by enticing an unsuspecting victim to to visit a malicious HTML page.
UPDATE (September 17, 2008): Symantec has observed active exploit attempts of this issue in the wild.
The following exploit code is available:
An attacker can exploit this issue by enticing an unsuspecting victim to to visit a malicious HTML page.
UPDATE (September 17, 2008): Symantec has observed active exploit attempts of this issue in the wild.
The following exploit code is available:
Solution / Fix
Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow Vulnerability
References:
References:
- GOM Player Homepage (Gretech)
- Microsoft Support Document 240797 (Microsoft)