[Full-disclosure] [AOGBF] Re: BS.Player 2.22 NULL ptr dereference
3APA3A
3APA3A at SECURITY.NNOV.RU
Fri Aug 3 18:09:34 BST 2007
Dear edi.strosar at varnostne-novice.com,
<irony>
Seems to be Another One George Bush Fan.
You know, there is vulnerability in all media players, it can be
exploited by opening MP3 file with George Bush bathroom singing. George
Bush fans are not vulnerable, yet they are still vulnerable to one you
described.
</irony>
Quote:
Can you, please explain why is this security bug? DoS is not software
crash, DoS is Denial of Service. It means, security impact of DoS
vulnerability should be preventing (blocking) access of legitimate user
to some data or service (via data corruption, service malfuction, etc).
--Friday, August 3, 2007, 4:40:41 AM, you wrote to full-disclosure at lists.grok.org.uk:
esvnc>
=========================================================================
esvnc> Team Intell Security Advisory TISA2007-10-Private
esvnc>
-------------------------------------------------------------------------
esvnc> BS.Player 2.22 NULL pointer dereference
esvnc>
=========================================================================
--
~/ZARAZA http://securityvulns.com/
Full-Disclosure is hosted and sponsored by Secunia.