BID:30341

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

Info

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

Bugtraq ID:	30341
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Jul 22 2008 12:00AM
Updated:	Aug 26 2008 06:25PM
Credit:	Gjoko 'LiquidWorm' Krstic
Vulnerable:	CyberLink PowerDVD 8.0

Not Vulnerable:

Discussion

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

PowerDVD is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

PowerDVD 8.0 is vulnerable; prior versions may also be affected.

Exploit / POC

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

To exploit these issues, an attacker must entice an unsuspecting user to open a malicious file using the affected application.

The following proof of concept is available:

/data/vulnerabilities/exploits/30341.pl

Solution / Fix

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

Solution:
Vendor fixes are scheduled for a release on August 25, 2008. Please contact the vendor for details.

References

PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities

References:

????????? ??? CyberLink PowerDVD - BoF (???? ??????)
PowerDVD Homepage (CyberLink)