VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.
a14685bc6080babb1b766400a94d5de2768c47bc73bcd035cb57c90a363fe819Xion Audio Player version 1.0.127 suffers from a denial of service vulnerability.
db8cef3667f3d1b365a696b8e7a48b9cc868b4d1f642d18265a7c22ffd7d3d4bBlazeVideo HDTV Player version 6.6 Professional buffer overflow exploit with SEH + DEP + ASLR bypass.
f5b576d7baf1601664d205e9e05ca99f4fbeb993a5658b7404fac8d5620e1548FoxPlayer version 2.6.0 suffers from a denial of service vulnerability.
eb67bb643c36f0d5ef65e3142b1d9981354485156c875ca3441c1efb51d3e0d9Secunia Security Advisory - Two vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.
33ff8fc72aa2fcaf076d0093973a9d8c3f83484facec38dfaacc2b7ee5d2590aSecunia Security Advisory - SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
0c9accdc5af0de2ddc9216155b16519a9e0a48f8dc3aa548687b4dae978df304Red Hat Security Advisory 2012-0434-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.18.
214097b723d5e1016a9378358b8884c8afd2d66057492714e906754204d059ddRealPlayer SP1 versions 1.1.4 Build 12.0.0.756 and below suffer from a memory corruption vulnerability.
ddd9e040f4b7eafed5ff80ef2b389fd0a0d7384cbf7bae93936c186a876e915bmmPlayer version 2.2 buffer overflow exploit that makes a malicious .ppl file.
54f3235692682f9b8c3b4effd6f627b90594b7057db694991ac145584a4d1409mmPlayer version 2.2 buffer overflow exploit that makes a malicious .m3u file.
f75af1f295181f5bbeb62280bcd2bb415187a8c9a06120201c646c4d0b1657b2Secunia Security Advisory - rgod has discovered a vulnerability in Cisco Linksys PlayerPT ActiveX Control, which can be exploited by malicious people to compromise a user's system.
91fbeb70423639d51561f20fdc0fe7590c4836fc40a9423339c16503d32289daCisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT active-x control (PlayerPT.ocx) suffers from a sprintf buffer overflow vulnerability. Version 1.0.0.15 is affected.
3933dd1431da4c063e62908b6d60cf61accefadfda1561e952bfa4c9d5163a86Secunia Security Advisory - A vulnerability has been discovered in CrazyTalk Web Player, which can be exploited by malicious people to compromise a user's system.
79f17cddcbd88a56ea35d3e29749d3ad20f05a75507d4a77f410f583b02b48ecDebian Linux Security Advisory 2435-1 - Several vulnerabilities have been identified in Gnash, the GNU Flash player.
34960b52896a8f9019840896157b6ace872e440f5a13dee51a2a1f73ac9facb4Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Sign-Sign-On Web Services. This is the whitepaper where researchers discovered eight flaws with SSO technologies in use by major players.
24f6a2ecdbf64e223fc0cda388a9962cd29a2d5ffa9328c2a6c7c49b33aed9a4Secunia Security Advisory - Multiple vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
1344d931b33df5b015c5d13a06878d9760e33c10dc320f742d730dfb5365148fVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6Zinf Audio Player version 2.2.1 buffer overflow exploit that creates a malicious .m3u file. Written in Python.
11b1158d362d3ed7220cb1f2adddb884b77cb7432f1a548de83db67295c50025Secunia Security Advisory - Multiple vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
d7c5a4b1cfbb1455ae006f126e1a88d87147b0812c3241bd9d9a4ca0ce6aa61eVLC Media Player versions 1.1.11 and below denial of service exploit that makes a malicious .flv file.
0eca42f600feb65e6a323e108ff5b1100d57ba6652c470f72002fe4d1c68fa73GOM Media Player version 2.1.37 suffers from a buffer overflow vulnerability.
b8e80b2960cc51304533fc7e846b6d4ea711424161c1b8cd36b39910265b5d42Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
1bb3de0ae7d34c1203119887c985d5918d6308ca34ee8293a08d1e04151f49b8This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
bc712e2a0634304709e04fab0e0b399f87ad8994ef78b54e906ba338a89de632Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
3b583191ce1bde990fb87784459f8e4b123c5a7de9c778712999e48b39ef6aa7Red Hat Security Advisory 2012-0359-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-05, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
4f6c288312851d2cb202ed736a92e3023e458dbcde02a2d931cb95fc88603ecbSplash Pro HD Player denial of service proof of concept exploit that creates a malicious .avi file.
4f32a79f26cac44c8b87a9a2d0254b51a8ce32d6876f9726cd59cf6f05bba627
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed