Rosoft Media Player version 4.4.4 buffer overflow exploit.
d788f5d5fbe39ff2df6d7ccdafa5b25a188ab8049559bf52ef00b80852b4e6a3
The WD TV Live Streaming Media Player suffers from two implementation flaws that together allow for remote command execution as root.
30e038aaf42732de5c7c31917ec77feb71e99f5a032ca468e8d514c9181e41c1
Gentoo Linux Security Advisory 201206-21 - Multiple vulnerabilities have been found in Adobe Flash Player could result in the execution of arbitrary code or Denial of Service. Versions less than 11.2.202.236 are affected.
7222e3252d7d0fdb64aebdfc3716ee393821e2bc4558b1b340a50587b3420c6c
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt AMF0 "_error" response, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "World Uyghur Congress Invitation.doc" e-mail attack. According to the advisory, 10.3.183.19 and 11.x before 11.2.202.235 are affected.
278d32f3bc7f3344e48d9ed25bcb65be25041499b78ba981e26d568f755202ee
Secunia Security Advisory - Microsoft has reported a vulnerability in JW Player, which can be exploited by malicious people to conduct cross-site scripting attacks.
b7d3ee129c61d88b588512c6c136f24bcf34fa04cc352e930dfa3f0c5bf9e70f
This Metasploit module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value, memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and is very reliable.
e26bbead67100b455a3fddb8cfcf7df0baddef6b4fbc68f4cc261a2c4dea9972
Total Video Player version 1.31 crash proof of concept denial of service exploit that creates malicious files.
50826852f4723c4697c5342a471db0766e94f72ffba3dc55768b3c1d68c3014d
This Metasploit module exploits a buffer overflow in MMPlayer 2.2 The vulnerability is triggered when opening a malformed M3U/PPL file that contains an overly long string, which results in overwriting a SEH record, thus allowing arbitrary code execution under the context of the user.
94a5538fac833ce0d40cb77f27f7d48f3d8f56c693a6be7f095f4777f86bcb80
VMware Security Advisory 2012-0011 - VMware Workstation, Player, Fusion, ESXi and ESX patches address security issues.
509ed4ca1d4de84e168a83b909f8884b5902694169ccc6d01433140a39e2a9ed
Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
5f5105da891351eaf06772f80dbbfa7758e32120a64837d3c40aec6a06702d78
Red Hat Security Advisory 2012-0722-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-14, listed in the References section. Several security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
ecdbd222d0515d25680731defe7dbecc336e7f60c44b403ad6c79db2c84c9be7
WordPress HD FLV Player plugin version 1.7 suffers from a remote shell upload vulnerability.
e0e3e72d0a554f333b2976b68bac1418aa7996529292577400553284d6f2ace5
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
e20802e5ee8e20761cfe1c8512cf01f5cdb21558d860ba633195fec7301b5b0e
Zero Day Initiative Advisory 12-092 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles audio encoded with the QCELP codec. The codec allows you to specify the 'block_size' that is used. This size is used to create an allocation to hold the data, but a hardcoded blocksize is later used to copy data into that allocation. This could lead to remote code execution under the context of the current user.
380a02510159c9cdf960797da6f1c88b06cb8a4e5eafa4f9a55b560e374118c2
Zero Day Initiative Advisory 12-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the raac.dll module. By editing the stsz atom in the mp4 file data, an attacker could change a sample size to force a loop in raac.dll to loop too many times, causing heap corruption. This vulnerability can be leveraged to execute code under the context of the user running the application.
2ce52b7504df49825da4887cac96c03aa28226252b6f7f55300204478c048607
Zero Day Initiative Advisory 12-086 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rvrender module. When parsing an IVR file, the code within this module does not account for a negative value for the "RMFF 1.0 Flags" element within the input data. By providing a specially crafted file an attacker is able to achieve a program state that results in a function pointer value being retrieved from file data and subsequently called. This vulnerability can be leveraged to execute code under the context of the user running the application.
95be120705ca4e062f32484ba1379b8274788104bd1a0ab24e69832485c9b78d
Zero Day Initiative Advisory 12-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dmp4 component. If the width value is altered inside the esds atom, arithmetic instructions within RealPlayer code can result in a loop counter wrapping to a large value. This can cause the loop to run too many times while operating on heap memory. By exploiting this condition, an attacker can corrupt memory and leverage that to execute code under the context of the user running the application.
efbe76fedf3296c7ef451c7b351df87ac87091b6a35538b7186d05716162501f
JW Player version 5.9.x suffers from cross site scripting and content spoofing vulnerabilities.
745dad00f0d27c02390246bb3d97b20455221ab826e6936bd3380eebb74e5e06
Zero Day Initiative Advisory 12-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within the RV10 encoded data in the rv10.dll component. When encountering an invalid encoded height or width field the process miscalculates an offset while preparing to decode the data packets which constitute the stream. The process attempts to store data at this location. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.
e5150c82d73cc84c7bac0c2ef829f0a287bb6936a0e3495f3879c41d5fc6830d
Zero Day Initiative Advisory 12-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. A size value is read from MP4 files and used for size calculation without proper validation. The arithmetic performed on the size value can cause integer overflows, resulting in undersized allocations. This undersized memory allocation can be subsequently overpopulated with data supplied by the input file which can be used to gain remote code execution under the context of the current process.
7d4277c0240390dfaf844d794201f5813348bc3c4e7a17ba30d5fa943904ac26
Zero Day Initiative Advisory 12-076 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application calculates the padding for an MPEG sample. When calculating the padding, the MPEG library will subtract this from another length without checking for underflow. This resulting length will then be used in a memcpy operation into a statically sized buffer allocated on the heap. This can lead to code execution under the context of the application.
ebbfba28118d24f1d8b399ccd10a105b73410f3d44f0dd5d1dda1152ef2b523a
Zero Day Initiative Advisory 12-075 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec. When decompressing the sample, the application will fail to accommodate for the canvas the sample is rendered into. This can cause a buffer overflow and thus can be taken advantage of in order to gain code execution under the context of the application.
d5468bb73b626a9a652d543969f2fda02d088248591c4fe62f3624ccad53adb2
This Metasploit module exploits a stack-based buffer overflow found in the handling of SAMI subtitles files in MPlayer SVN Versions before 33471. It currently targets SMPlayer 0.6.8, which is distributed with a vulnerable version of mplayer. The overflow is triggered when an unsuspecting victim opens a movie file first, followed by loading the malicious SAMI subtitles file from the GUI. Or, it can also be done from the console with the mplayer "-sub" option.
ff773c1737c09b314a58cb07dab372f6b99f077dc26dbd42fd59a36e56c907a7
Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.
5d3d94c580242304ad1db49f92b8d1b2db7dde614f6355c09efaba9df53cd86d
Secunia Security Advisory - Red Hat has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
c67a70e724aa582a6065b9793770ba9525166dd88309683a4d3cafa78fbb41f1
Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system.
a1d30186496845399b0ac3d413e64ee8f1ddfdb9edb58adaddaeb4b9fb3c4891