Juniper Networks
Signature Detail

Short Name: HTTP:STC:STREAM:FFDSHOW-URL-OF
Severity: High
Recommended: No
Recommended Action: Drop
Category: HTTP
Keywords: ffdshow Codec Media Stream URL Processing Buffer Overflow
Release Date: 2010/10/19
Update Number: 1794
Supported Platforms: idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: ffdshow Codec Media Stream URL Processing Buffer Overflow


A buffer overflow vulnerability exists in the ffdshow codec. The vulnerability is due to a boundary error when processing URLs. Remote attackers could exploit this vulnerability by enticing the target user to view a media stream or open an HTML page with an embedded media stream. Successful exploitation would cause memory corruption that may lead to arbitrary code execution in the security context of the currently logged-on user. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. In the case of an unsuccessful code execution attack, the affected application will terminate abnormally.

Extended Description

The 'ffdshow' codec is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code in the context of an application that uses the library. Failed attacks may cause denial-of-service conditions. This issue affects versions prior to ffdshow rev2347_20081123. Additional applications that use this codec may also be vulnerable.

Affected Products

  • ffdshow rev2322_20081114

References

  • BugTraq: 32438

Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.