Info

Disclosure

Nov 29, 2006

Discovery

Unknown

Dates

Exploit

Dec 01, 2006

Solution

Unknown

Description

BlazeDVD 5.0 suffers from buffer overflow vulnerability that can be exploited via crafted PLF playlist file localy and remotely. It fails to perform boundry checking of the user input file, allowing the EIP to be overwritten, thus, controling the next insctruction of the software. After succesfull exploitation, arbitrary code will be executed. Failed attempts will result in Denial Of Service (DoS).

Classification

Location: Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public, Exploit Commercial
Disclosure: Third-party Verified, Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Unknown or Incomplete

References

CVE ID: 2006-6199 (see also: NVD)
Bugtraq ID: 21337
Secunia Advisory ID: 23041
Milw0rm: 2880 6217 9329
Exploit Database: 2880 6217 9329
ISS X-Force ID: 30567
Metasploit ID: 30770
VUPEN Advisory: ADV-2006-4764
Mail List Post: http://whitestar.linuxbox.org/pipermail/exploits/2006-December/000065.html
Vendor URL: http://www.blazevideo.com/dvd-player/index.htm
Generic Exploit URL: http://www.coresecurity.com/content/blazedvd-plf-playlist-buffer-overflow-exploit-7-5
Other Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2008-4892.php

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/30770