Attack: SPlayer Content-Type Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in SPlayer 3.7, which may lead to remote code execution.

Additional Information

SPlayer is a media player application.

The application is prone to a stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. Specifically, when the application parses the 'Content-Type' HTTP header value sent from a server, it fails to properly bounds-check the value before using it in the 'wcstol()' function.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
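A bounds-checked way to handle a server-supplied 'Content-Type' value before it reaches 'wcstol()', given as an added example that is not SPlayer's code and not part of the original advisory. The buffer size CT_MAX and the function names get_content_type and parse_long are assumptions, and the sample header is constructed.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <wchar.h>

#define CT_MAX 128 /* assumed capacity (in wide chars) of the fixed buffer */

/* Case-insensitive check that a header line starts with `name`. */
static int has_name(const char *line, const char *name) {
    for (; *name; line++, name++)
        if (tolower((unsigned char)*line) != tolower((unsigned char)*name))
            return 0;
    return 1;
}

/* Bounded copy of the Content-Type value out of a raw header block.
 * Returns 0 on success, -1 if the header is absent, -2 if it is oversized. */
int get_content_type(const char *p, wchar_t out[CT_MAX]) {
    out[0] = L'\0';
    while (*p) {
        if (has_name(p, "content-type:")) {
            size_t n = 0;
            for (p += 13; *p == ' ' || *p == '\t'; p++) {}
            while (n < CT_MAX && p[n] && p[n] != '\r' && p[n] != '\n') n++;
            if (n == CT_MAX) return -2; /* reject: never truncate or overrun */
            for (size_t i = 0; i < n; i++) out[i] = (wchar_t)(unsigned char)p[i];
            out[n] = L'\0';
            return 0;
        }
        while (*p && *p != '\n') p++; /* skip to the next header line */
        if (*p) p++;
    }
    return -1;
}

/* wcstol() on the bounded copy, with end-pointer and range checks.
 * Returns 0 and stores the value, or -1 if no digits or out of range. */
int parse_long(const wchar_t *s, long *val) {
    wchar_t *end;
    errno = 0;
    long v = wcstol(s, &end, 10);
    if (end == s || errno == ERANGE) return -1;
    *val = v;
    return 0;
}

int main(void) { /* constructed sample response headers */
    wchar_t ct[CT_MAX];
    printf("%d\n", get_content_type("HTTP/1.1 200 OK\r\nContent-Type: video/mp4\r\n\r\n", ct));
    return 0;
}
```

The length is checked against the destination's capacity before any byte is written, so an oversized header is refused outright instead of being copied onto the stack.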

Affected

  • SPlayer 3.7 is vulnerable; other versions may also be affected.