Login   |   Secure Purdue > News

Media Player Classic .FLI File Processing Buffer Overflow Vulnerability

A highly critical vulnerability has been discovered in the open source media player Media Player Classic (MPC), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error processing .FLI files (an old animation compression format). This vulnerability can be exploited to cause a buffer overflow when a malicious FLI file is opened (e.g. user is tricked into opening an .FLI file from an email or website). Successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code on the vulnerable system. At this time there have been no reported incidences of this exploit from Purdue hosts.

==SYSTEMS AFFECTED==
*Media Player Classic 6.4.9.0
*Other versions may also be affected.
NOTE: Media Player Classic is included in many third party Codec packs also.

==SOLUTIONS==
Do not open untrusted .FLI files.

==FURTHER INFORMATION AND RESOURCES==
Secunia Advisory SA26591:
http://secunia.com/advisories/26591/

Heise Security Advisory:
http://www.heise-security.co.uk/news/94875/

Media Player Classic download site:
http://sourceforge.net/project/showfiles.php?group_id=82303&package_id=84486

Posted by Nathan Heck on August 29, 2007, in Handlers Log.