Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BlazeVideo HDTV Player Pro 6.6.0.3 Filename Handling Buffer Overflow
Vulnerability Description
BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA() to extract a filename from a URL-like string. The returned value is then copied to a fixed-size stack buffer using an inline strcpy call without bounds checking. If the input exceeds the buffer size, this leads to a stack overflow and potential arbitrary code execution under the context of the user.
CVSS Information
N/A
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
BlazeVideo HDTV Player Pro 安全漏洞
Vulnerability Description
BlazeVideo HDTV Player Pro是美国BlazeVideo公司的一个视频播放器。 BlazeVideo HDTV Player Pro v6.6.0.3版本存在安全漏洞,该漏洞源于未正确处理.plf文件输入,可能导致缓冲区溢出和任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A