Viscom Software Movie Player Pro ActiveX Control DrawText Buffer Overflow

Added: 07/16/2010
CVE: CVE-2010-0356
BID: 40719
OSVDB: 61634

Background

Viscom Movie Player Pro SDK ActiveX is a software development kit for Microsoft Windows environments to incorporate an advanced media player with overlay text and images.

Problem

The MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 is vulnerable to a stack buffer overflow. Other versions may also be affected. A remote attacker could execute arbitrary code by passing a long strFontName parameter to the DrawText method. An unsuccessful attack will probably result in denial of service.

Resolution

Set the kill bit for the affected ActiveX control as described in Microsoft Knowledge Base Article 240797.

References

http://secunia.com/advisories/38156/

Limitations

Exploit works on Viscom Software Movie Player Pro ActiveX Control 6.8.

The user must open the exploit web page using Internet Explorer 6 or 7 from the target.

Platforms

Windows
