Ffdshow < rev2347_20081123 Remote Buffer Overflow
High Nessus Plugin ID 34969
SynopsisThe remote Windows host has an application that is affected by a remote buffer overflow vulnerability.
Descriptionffdshow, a DirectShow filter and VFW codec for multiple audio and video formats, is installed on the remote host.
ffdshow is available as a standalone package but is typically bundled with third-party codec software such as K-lite Codec Pack, XP Codec Pack, Vista Codec Package and Codec Pack All-in-one.
The installed version fails to perform sufficient boundary checks while processing very long URLs. By tricking a user into clicking on a specially crafted stream, it may be possible to execute arbitrary code on the remote system subject to the user's privileges.
SolutionUpgrade to ffdshow rev2347_20081123 or later.