Intrusion Prevention

3ivx.MPEG4.File.Processing.Buffer.Overflow

Description

This indicates an attempt to exploit a stack based buffer overflow vulnerability in mplayer2.exe in Microsoft Windows Media Player 6.4.
This vulnerability is caused by boundry errors that occur when handling some atoms of mp4 files. It allow remote attackers to execute arbitrary code via a specially crafted .mp4 file.

Affected Products

3ivx MPEG-4 5.0.1

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to 3ivx MPEG-4 5.0.2,available from the vendor's web site.
http://www.3ivx.com/download/

CVE References

CVE-2007-6401