HTTP: Malformed Play List File (PLF)
This signature detects attempts to exploit a known vulnerability in DVD X Player and Aviosoft DTV Player. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
DVD X Player is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected user. Failed exploit attempts likely result in application crashes. This issue affects DVD X Player 4.1; other versions may also be affected.
Affected Products
Dvd_x_studios dvd_x_players
Short Name
HTTP:STC:DL:MAL-PLF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(PLF) CVE-2007-3068 CVE-2011-4496 File List Malformed Play bid:24278 bid:50582 bid:69220
Release Date
11/30/2012
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3391
False Positive
Unknown
Vendors
Dvd_x_studios
CVSS Score
9.3
6.8