Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Media players vulnerable to arbitrary code execution

BitDefender UK : 01 September, 2015  (Technical Article)
Bitdefender is warning of a vulnerability in JetAudio Basic and JetVideo media players that could result in remote code execution by attackers
Media players vulnerable to arbitrary code execution

An arbitrary code execution in the JetAudio Basic (v8.1.3) and JetVideo media players for Windows allows potential attackers to craft a malicious .asf file that could compromise a user’s PC, warns Bitdefender, the innovative security solutions provider.

The JetAudio Basic and JetVideo software applications enable playback of commonly used audio and video files on Windows. When the JXVidInfo.dll file parses the ASF file's codec entries, playing a movie or watching a video could have serious repercussions.

Once the DLL file is parsed, each codec name in a structure, previously defined on the stack, is copied by the code, but it does not validate the number of codec entries. Consequently, for a large number of codecs, the stack is then overwritten.

This JXVidInfo.dll file is a video info plugin for JetAudio that is exclusive to JetAudio Inc. As a significant component of the two applications, the same vulnerability can be reproduced on both JetAudio Basic and movie-playing product JetVideo.

“Considering the trivial exploitation of the vulnerability, an attacker could weaponise an .asf file as part of a spear-phishing attack and cause a serious amount of damage,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “Knowing the victim has one of the two media players installed on his local machine could turn this vulnerability into a valuable weapon in seizing control of the host.”

“Whether a drive-by download or malicious email attachment, the payload could be manipulated to execute any tool, process or service that an attacker would need to elevate their privileges on the targeted host.”

Bitdefender managed to overwrite the Structure Exception Handling in Windows so that code can be executed. The proof-of-concept exploit works on Windows XP and Windows 7, since these feature Data Execution Prevention. For Windows 8 and above, Structured Exception Handling Overwrite Protection is enabled by default, preventing Bitdefender’s proof-of-concept from running.

Bitdefender strongly encourages users to always use a security solution that is both constantly updated and able to detect new advanced threats. Knowledge is the first line of defense against online threats, and as such Bitdefender recommends exercising caution when browsing online, reading emails or operating PCs.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo