Date: Mon, 29 Mar 2021 18:35:44 +0800
From: houjingyi <houjingyi647@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] PotPlayer denial of service vulnerability

PotPlayer is a multimedia software player developed for the Microsoft
Windows operating system by South Korean Internet company Kakao (formerly
Daum Communications). It competes with other popular Windows media players
such as VLC media player, GOM Player, KMPlayer, SMPlayer and Media Player
Classic. PotPlayer's reception has been positive with reviewers
complimenting its wide range of settings and customizations, as well as its
lightweight nature and its support for a large variety of media formats.

I found a denial of service vulnerability in PotPlayer by accident.

vulnerable version : 210127
fixed version : 210318

I just dragged https://bugzilla.libav.org/show_bug.cgi?id=929 into PotPlayer
and it crashed. A dmp file can be found in a directory like:

C:\Users\xxxxxx\AppData\Roaming\Daum\PotPlayer\Log

I think this is maybe because PotPlayer is not using the latest version of
libav, and I contacted the Korea Internet & Security Agency.

vendor response:

"
Hello,
This is Kakao Security Team.

Thank you for providing the Korea Internet & Security Agency with
information on the security vulnerability of the potplayer service.

Results of internal Review
We have determined that an error occurs when running MP4 files that do not
fit the format.

However,
  - the potplayer service does not use the libav library
  - and the user's own potplayer program is terminated

* so it is not judged to be a security vulnerability.
* Currently, a revised version has been distributed.


Thank you for reporting the security vulnerability.
Please contact me if you have any questions.


Kakao Security Team.
"

I do not know why they think this is not a security vulnerability; maybe it
can just cause a crash and cannot be exploited? I did not investigate
further, but I can confirm this got fixed in the latest version.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
