Short Name |
HTTP:STC:DL:CYBERLINK-LIST-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
CyberLink PowerDVD PlayList File Handling Stack Overflow |
Release Date |
2011/07/26 |
Update Number |
1961 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known stack overflow vulnerability in CyberLink PowerDVD product. It is due to inadequate boundary checks when loading playlist files. A remote attacker could exploit this vulnerability to create a stack overflow condition on the target system. Successful exploitation could lead to denial-of-service conditions. Upon processing a malicious playlist file, the PowerDVD process will terminate due to a stack overflow condition, which triggers a Denial of Service condition.
PowerDVD is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions. PowerDVD 8.0 is vulnerable; prior versions may also be affected.