Summary
This host is running Blazevideo HDTV Player and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will let the attackers execute arbitrary codes within the context of the application and can cause heap overflow in the application.
Impact level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
For updates refer to http://www.blazevideo.com/hdtv-player/index.htm
Insight
Player application fails while handling crafted arbitrary playlist plf files.
Affected
Blazevideo HDTV Player 3.5 and prior on all Windows platforms.
References
Severity
Classification
-
CVE CVE-2009-0450 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Anzio Web Print Object ActiveX Control Remote BOF Vulnerability
- Adobe Reader Multimeda Doc.media.newPlayer Code Execution Vulnerability (Linux)
- Beatport Player '.m3u' File Buffer Overflow Vulnerability
- Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability