Bugtraq: Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)

From: Eygene Ryabinkin <rea-sec () codelabs ru>
Date: Tue, 25 Nov 2008 13:51:20 +0300

Good day.

Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote:

In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability
in ffdshow which affects all available internet browsers.

                           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Really?  And links, elinks, lynx, dillo and others are affected too?
What about my Firefox that (I assume) has no ffdshow code inside it and
there are no ffdshow-related plugins coupled to it?  Is it vulnerable?

I am really appreciate that you're searching for the issues and
releasing advisories -- thanks for doing this!  But, please, use the
appropriate wording, or your advisories will lead to controversial
feelings.

Sorry for being a bit bluffy :(
-- 
Eygene

By Date By Thread

Current thread:

[SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) svrt (Nov 24)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) Eygene Ryabinkin (Nov 25)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) Nam Nguyen (Nov 25)
  - Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) svrt (Nov 26)