ffdshow URL link buffer overflow

Added: 03/25/2009
CVE: CVE-2008-5381
BID: 32438
OSVDB: 50064

Background

ffdshow tryouts (also known just as ffdshow) is an audio and video decoder for Windows.

Problem

A buffer overflow vulnerability allows command execution when a user opens a media stream with a long, specially crafted URL link.

Resolution

Upgrade to the latest version of ffdshow.

References

http://archives.neohapsis.com/archives/bugtraq/2008-11/0182.html

Limitations

Exploit works on ffdshow rev2322 and requires a user to load the exploit page in a web browser.

Platforms

Windows

Back to exploit index