Saturday, January 27, 2007

MOAB-27-01-2007: Telestream Flip4Mac WMV Parsing Memory Corruption Vulnerability

Flip4Mac fails to properly handle WMV files with a crafted ASF_File_Properties_Object size field, leading to an exploitable memory corruption condition, which can be abused remotely for arbitrary code execution.

Further information:
This can be abused remotely even via Mail.app (sending the movie attached in the message), Safari, etc.

No comments: