exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Nemesis Player (NSP) Local Denial Of Service

Nemesis Player (NSP) Local Denial Of Service
Posted Jan 5, 2010
Authored by Rehan Ahmed | Site rewterz.com

Nemesis Player (NSP) version 2.0 and 1.1 Beta suffer from a local denial of service vulnerability.

tags | advisory, denial of service, local
SHA-256 | 34e3203485a0554043b5299f37eae4ab898276e5a4ac823a39381bea40f83fb6

Nemesis Player (NSP) Local Denial Of Service

Change Mirror Download
========================================================
Rewterz 05/01/2010

- Nemesis Player (NSP) Local Denial of Service (DoS) Vulnerability -

1) Affected Software

* NSP 2.0
* NSP 1.1 Beta


========================================================
2) Severity

Rating: High
Impact: Denial of Service
Where: Local


========================================================
3) Vendor's Description of Software

"The Nemesis Player (NSP) is much more than any other media player.
It allows you to watch your video files collection like any player
but also enables you to emulate a "DVD menu" for your videos.

Nsp can be broken down into 3 parts: Scene Editing, Project Settings
and the player itself."

Product Link:
http://www.nsplayer.org


========================================================
4) Description of Vulnerability

Rewterz has discovered vulnerability in Nemesis Player (NSP). This
vulnerability could lead to Denial of Service with the privileges of
the current process or user and cause system to stop responding.

This vulnerability exists in the handling of Nsp project file. We chose
not to provide detailed information about the location of the
vulnerability and how to reproduce it because the author hasn't
confirmed this vulnerability. We can pass a long argument into the Nsp
project file. There is no checking of the length of these inputs.
Depending on the input, this will cause DoS condition.

We have confirmed the ability to execute our own code.


========================================================
5) Credits

Discovered by Rehan Ahmed, Rewterz.


========================================================
6) About Rewterz

Rewterz is a boutique Information Security company, committed to
consistently providing world class professional security services.
Our strategy revolves around the need to provide round-the-clock
quality information security services and solutions to our customers.
We maintain this standard through our highly skilled and professional
team, and custom-designed, customer-centric services and products.

http://www.rewterz.com


Complete list of vulnerability advisories published by Rewterz:

http://rewterz.com/securityadvisories.php


========================================================
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close