1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Mini-Stream RM-MP3 Converter PLS File BO

Attack: Mini-Stream RM-MP3 Converter PLS File BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a buffer overflow vulnerability in Mini-stream Software RM-MP3 Converter application which may result in remote code execution.

Additional Information

Mini-stream Software provides multimedia applications for Microsoft Windows platforms.

The vendor's RM-MP3 Converter is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate checks on user-supplied input. Specifically, this issue occurs when opening a '.pls' playlist file that contains an excessively long URI string.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Affected

  • Mini-stream Software Mini-stream RM-MP3 Converter 3.0 .7
  • Mini-stream Software Mini-stream RM-MP3 Converter 3.1.2.1
  • Mini-stream Software Mini-stream RM-MP3 Converter 0
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube