lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <A24C44A119F44677B6961CB022BAD228@saphealmachine>
Date: Mon, 14 May 2007 23:49:54 +0200
From: "Michal Bucko (hackpl)" <sapheal@...k.pl>
To: <bugtraq@...urityfocus.com>
Subject: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability

Synopsis:     Media Player Classic .MPA Div-By-Zero Denial of Service 
Vulnerability
Vulnerable:  Media Player Classic 6.4.9.0

Author: Michal Bucko


Introduction

A multimedia player with a similar interface to Microsoft Windows Media 
Player 6.4, but has many
more features specific for DivX playback.


Description

Media Player Classic fails to handle MPA-extension media files. When empty 
file provided Media Player
Classic fails to properly parse MPA file format.

00634DD1 |. 8B4C24 18 MOV ECX,DWORD PTR SS:[ESP+18]
00634DD5 |. 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14]
00634DD9 |. 33D2 XOR EDX,EDX
00634DDB |. F7F1 DIV ECX

ECX 00000000




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ