Xilisoft Video Converter Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is with installed Xilisoft Video Converter and is prone to Buffer Overflow Vulnerability.

Impact

This issue can be exploited to corrupt the memory and to execute arbitrary code in the context of the affected application. Impact Level: Application

Solution

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one For updates refer to http://www.xilisoft.com/

Insight

The cause is due to an error in ape_plugin.plg when parsing malicious .CUE files containing overly long string.

Affected

Xilisoft Video Converter version 3.x to 3.1.53.0704n and 5.x to 5.1.23.0402 on Windows.

References

http://secunia.com/advisories/34660
http://xforce.iss.net/xforce/xfdb/49807

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1370
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
Adobe Reader/Acrobat Multiple BOF Vulnerabilities - Jun09 (Win)
Apache mod_proxy content-length buffer overflow

Take action and discover your vulnerabilities