3ivx MPEG-4 Multiple Remote Stack Based Buffer Overflow Vulnerabilities

3ivx MPEG-4 is prone to multiple stack-based buffer-overflow issues because it fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions.

3ivx MPEG-4 5.0.1 is vulnerable; other versions may also be affected.

NOTE: This BID originally listed Windows Media Player as vulnerable, but has been updated to reflect the fact that the issues reside in 3ivx MPEG-4.


Privacy Statement
Copyright 2010, SecurityFocus