| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 16 May 2007 19:31:14 +0400 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: "Michal Bucko (hackpl)" <sapheal@...k.pl> Cc: bugtraq@...urityfocus.com Subject: Re: Media Player Classic .MPA Div-By-Zero Denial of Service Vulnerability Dear Michal Bucko (hackpl), DoS against e.g. Internet Explorer may be treated as a vulnerability, because all windows are closed and user can loose some useful information. This is very low impact, but it is. In this case I see no impact at all. Resource consumption during dump file creation? Universal DoS against any media player: 1. Create new file in notepad 2. Type "Na!" 3. Save file as exploit.mp3 4. Open file in any media player. 5. Media player fails to play. Is it vulnerability? Guys, not any application bug is security one. --Tuesday, May 15, 2007, 1:49:54 AM, you wrote to bugtraq@...urityfocus.com: MBh> Media Player Classic fails to handle MPA-extension media files. When empty MBh> file provided Media Player MBh> Classic fails to properly parse MPA file format. MBh> 00634DD1 |. 8B4C24 18 MOV ECX,DWORD PTR SS:[ESP+18] MBh> 00634DD5 |. 8B4424 14 MOV EAX,DWORD PTR SS:[ESP+14] MBh> 00634DD9 |. 33D2 XOR EDX,EDX MBh> 00634DDB |. F7F1 DIV ECX MBh> ECX 00000000 -- ~/ZARAZA http://securityvulns.com/
Powered by blists - more mailing lists