Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:DL:COOLPLAYER-PLAYLIST

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 CoolPlayer Playlist File Handling Buffer Overflow

Release Date

 2010/10/11

Update Number

 1789

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: CoolPlayer Playlist File Handling Buffer Overflow


This signature detects attempts to exploit a known vulnerability in CoolPlayer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

CoolPlayer is prone a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue occurs when handling specially crafted M3U files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions.

Affected Products

  • Coolplayer coolplayer 215
  • Coolplayer coolplayer 216
  • Coolplayer coolplayer 217
  • Coolplayer coolplayer 218
  • Coolplayer coolplayer 219
  • Coolplayer coolplayer+_portable 2.19.1
  • Coolplayer coolplayer+_portable 2.19.2

References

  • BugTraq: 30418
  • CVE: CVE-2008-3408

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out