The StreamAudio ChainCast ProxyManager suffers from a buffer overflow vulnerability in ccpm_0237.dll.
3b5465e121ebbe12c330b5f7cffa431fa2a7602ba008f4f39ebebcaa83875c5aWho:
http://www.streamaudio.com
StreamAudio(formerly ChainCast) is a provides streaming media for
radio broadcasters.
What:
StreamAudio utilizes an Active control that acts as a proxy between
StreamAudio and Windows Media Player which actually plays the
content.
This control is marked as follows:
{2253F320-AB68-4A07-917D-4F12D8884A06}
IObjectSafety:
IO. Safe for scripting (IDispatch)
How:
The first parameter of the InternalTuneIn() method expects a URL to
passed it and it fails to properly check the length of the supplied
data. The SEH is overwritten after 248 bytes.
Fix:
Set the killbit for this this control, see
http://support.microsoft.com/kb/240797
Elazar
--
Self Storage Options - Click Here.
http://tagline.hushmail.com/fc/Ioyw6h4eNgRQWOP1FhRQ2cKm8Nmb4ptQwJo9icblrmiIEVMf7OxT9O/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed