Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
BID:58251
Info
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 58251 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2013-7280 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 01 2013 12:00AM |
| Updated: | Jan 14 2014 01:12AM |
| Credit: | metacom |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
Hanso Player is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition.
Hanso Player 2.1.0 is vulnerable; other versions may also be affected.
Hanso Player is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition.
Hanso Player 2.1.0 is vulnerable; other versions may also be affected.
Exploit / POC
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
The following exploit code is available:
The following exploit code is available:
Solution / Fix
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Hanso Player '.m3u' File Remote Buffer Overflow Vulnerability
References:
References:
- Hanso Player Product Page (HansoTools)