|Main Archive Page > Month Archives > full-disclosure-uk archives|
NOTE: Other versions may also be affected.
Impact: Denial of Service
"Ofilter Player is an easy-to-use multimedia player. It can play many kinds of audio and video formats such as mp3, wav, midi, avi, VCD, mpeg etc.
It supports the powerful playback control: play, pause, stop, step, skip forward, skip backward. It can display and configure all filters' properties during the playback of the video."
Rewterz has discovered vulnerability in Ofilter Player. This vulnerability could lead to Denial of Service with the privileges of the current process or user and cause application to crash.
This vulnerability exists in the handling of application skin by the user. We chose not to provide detailed information about the location of the vulnerability and how to reproduce it because the author hasn't confirmed this vulnerability. We can pass a long argument into the skin file. There is no checking of the length of these inputs. Depending on the input, this will cause DoS condition.
We have confirmed the ability to execute our own code.
Discovered by Rehan Ahmed, Rewterz.
Rewterz is a boutique Information Security company, committed to consistently providing world class professional security services. Our strategy revolves around the need to provide round-the-clock quality information security services and solutions to our customers. We maintain this standard through our highly skilled and professional team, and custom-designed, customer-centric services and products.
Complete list of vulnerability advisories published by Rewterz: