ffdshow URL link buffer overflow
Added: 03/25/2009CVE: CVE-2008-5381
BID: 32438
OSVDB: 50064
Background
ffdshow tryouts (also known just as ffdshow) is an audio and video decoder for Windows.Problem
A buffer overflow vulnerability allows command execution when a user opens a media stream with a long, specially crafted URL link.Resolution
Upgrade to the latest version of ffdshow.References
http://archives.neohapsis.com/archives/bugtraq/2008-11/0182.htmlLimitations
Exploit works on ffdshow rev2322 and requires a user to load the exploit page in a web browser.Platforms
WindowsBack to exploit index