Popular Chinese Movie Player BaoFeng Vulnerable

It has recently been discovered thatBaoFeng Storm, a movie player written in Chinese and widely used inChinese-speaking countries, contains multiple buffer-overflowvulnerabilies, some of which are being actively exploited. Thevulnerabilities are related to the ActiveX control used by the softwareand a vulnerable computer simply needs to browse a Web site, whichcontains exploit code, to be compromised. Successful exploitation thenallows remote execution of arbitrary code in the context of theapplication using the ActiveX control (in this case Internet Explorer)and allows the attacker to take full control of the compromisedcomputer. Failed exploit attempts may lead to denial-of-serviceconditions, possibly resulting in the browser crashing.

The vulnerabilities have been confirmed in version 2.7.9.8 and betaversion 2.7.9.9, although other versions may also be affected, and atthe time of this writing the vulnerabilities remain unpatched. SecurityFocus have also released information (BID 25601)for it that includes a work-around until a vendor-supplied patch ismade available. Symantec has added a heuristic detection for theexploit, Bloodhound.Exploit.160.

The vendor has now released patches to correct these vulnerabilities.

ZhenHan Liu is credited with this discovery.