VULNERABILITIES / FIXES - June 28, 2012
by Carol~ - 6/28/12 10:26 AM
Mini-stream URL Hunter Playlist Buffer Overflow
Release Date : 2012-06-28
Criticality level : Moderately critical
Impact : System access
Where : From remote
Solution Status : Unpatched
Software: Mini-stream URL Hunter 3.x
A vulnerability has been discovered in Mini-stream URL Hunter, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error when processing playlist files. This can be exploited to cause a stack-based buffer overflow via a specially crafted M3U playlist.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 184.108.40.206. Other versions may also be affected.
No official solution is currently available.
Provided and/or discovered by: