Official BS.Player forums  

  #1 (permalink)  
Old 10th December 2007
Junior Member
BS.Player Newbie
 
Join Date: Dec 2007
Posts: 5
Rep Power: 0
alien51 is an unknown quantity at this point
Default Is BSplayer vulnerable to latest overflow vulnerability?

Hello!

I was wondering if BSplayer is vulnerable to this latest threat published at:
http://www.securityfocus.com/bid/26773/discuss

The advisory cites WMP and I've also read that Winamp is also affected, hence the question. And if so what precautionary measures should users take?

tks
  #2 (permalink)  
Old 10th December 2007
Moderator
BS.Player Master
 
Join Date: Nov 2003
Location: Italy
Posts: 3,037
Rep Power: 20
Tizio will become famous soon enough
Default

I think that every player that uses the 3ivX codec is affected by this threat.
Just use another decoder or simply use a good firewall and block inbound flow for BSplayer (or block the access to 3ivX codec by other applications).
__________________
BSP SkinMaker (v1.07) the one and only Skin Editor for BSplayer
BSP Definitions Manager (v1.02)
BS.Player's FAQ (by BSPeter) | Italian language file (v2.57 build 1051)
  #3 (permalink)  
Old 11th December 2007
Junior Member
BS.Player Newbie
 
Join Date: Dec 2007
Posts: 5
Rep Power: 0
alien51 is an unknown quantity at this point
Default

Thanks for the reply, Tizio.

Even though it is not strictly related to BSplayer, could you explain how one goes about disabling the 3ivx codec? I don't even know how to identify if it's installed on my system...
  #4 (permalink)  
Old 11th December 2007
Moderator
BS.Player Master
 
Join Date: Nov 2003
Location: Italy
Posts: 3,037
Rep Power: 20
Tizio will become famous soon enough
Default

If you don't know if it's installed or not, I doubt you have it installed.
If you have not installed a codec pack that includes it in its installer, you don't have it installed (take a look at the "Add/Remove programs" item in Windows Control Panel).

Anyway it's a low risk threat in my opinion since the "attacker" must know that you are running a player with that particular codec and you need to have BSplayer to listen to inbound connections and/or 3ivX codec to do so too, and the streams that need 3ivX to decode them are really few nowadays. Yes, there could be the remote possibility that full time scanners are used to scan all your ports for weakness, but if you have a firewall installed (even the worst one such as Windows Firewall one) these attempts will be unsuccessful.

Plus remember one thing: if a hacker wants to take possession of your computer, he will!

Personal firewalls are intended to protect users by themselves in the first place, and from the majority of automated hacking methods. But to professional hackers those make only the work harder, not impossible. Exactly the same as house alarms. They can keep casual thieves away from your home, but Lupin knows how to break them.

"the weak link in the chain is almost always the man himself"
  #5 (permalink)  
Old 11th December 2007
Member
BS.player Regular User
 
Join Date: Aug 2005
Posts: 64
Rep Power: 0
speedtrap is an unknown quantity at this point
Default

3ivX is an MPEG-4 ASP codec, just like DivX and Xvid.

That simply means that you don't need the 3ivX codec, because for example ffdshow is also able to decode the video.

The DivX and Xvid decoders can also decode video encoded by 3ivX. It may be needed to change the FourCC. But it is very well possible that they are able to recognize the FourCCs used by 3ivX, when turning on their respective "Generic MPEG-4" decoding options.
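An added example, not part of any post in this thread: a small Python check of which FourCC an AVI file declares for its video streams, since that tag is what a player uses to pick a decoder. The 3ivX FourCC list is an assumption (commonly listed values, not taken from the thread), the function names are hypothetical, and only AVI (RIFF) containers are handled.

```python
import struct

# Assumed FourCCs associated with 3ivX; not taken from the thread.
THREEIVX_FOURCCS = {b"3IV1", b"3IV2", b"3IVX", b"3IVD"}

def iter_chunks(buf, start, end):
    """Yield (chunk_id, data_start, data_end) for RIFF chunks in buf[start:end]."""
    pos = start
    while pos + 8 <= end:
        cid, size = struct.unpack_from("<4sI", buf, pos)
        data_start, data_end = pos + 8, pos + 8 + size
        if data_end > end:           # truncated file or lying size field: stop
            return
        yield cid, data_start, data_end
        pos = data_end + (size & 1)  # chunks are padded to an even length

def video_fourccs(buf):
    """Return [(fccHandler, biCompression)] for every video stream header."""
    if len(buf) < 12 or buf[:4] != b"RIFF" or buf[8:12] != b"AVI ":
        raise ValueError("not an AVI (RIFF) file")
    found = []
    def walk(start, end):
        handler = None
        for cid, ds, de in iter_chunks(buf, start, end):
            if cid == b"LIST" and de - ds >= 4:
                walk(ds + 4, de)                      # skip the list type tag
            elif cid == b"strh" and de - ds >= 8:
                handler = buf[ds + 4:ds + 8] if buf[ds:ds + 4] == b"vids" else None
            elif cid == b"strf" and handler is not None and de - ds >= 20:
                found.append((handler, buf[ds + 16:ds + 20]))  # BITMAPINFOHEADER.biCompression
                handler = None
    walk(12, min(len(buf), 8 + struct.unpack_from("<I", buf, 4)[0]))
    return found

def declares_3ivx(buf):
    """True if any video stream carries one of the assumed 3ivX FourCCs."""
    return any(f.upper() in THREEIVX_FOURCCS for pair in video_fourccs(buf) for f in pair)

def _chunk(cid, data):
    pad = b"\0" if len(data) & 1 else b""
    return cid + struct.pack("<I", len(data)) + data + pad

def sample_avi(fourcc):
    """Constructed minimal AVI header with one video stream (test input only)."""
    strh = b"vids" + fourcc + b"\0" * 48
    strf = struct.pack("<IiiHH4s", 40, 320, 240, 1, 24, fourcc) + b"\0" * 20
    strl = _chunk(b"LIST", b"strl" + _chunk(b"strh", strh) + _chunk(b"strf", strf))
    hdrl = _chunk(b"LIST", b"hdrl" + _chunk(b"avih", b"\0" * 56) + strl)
    return _chunk(b"RIFF", b"AVI " + hdrl)
```

To check a real file, pass its first few kilobytes: `declares_3ivx(open(path, "rb").read(65536))`.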
  #6 (permalink)  
Old 11th December 2007
Moderator
BS.Player Master
 
Join Date: Jan 2003
Location: Romania
Age: 49
Posts: 5,127
Rep Power: 25
adicoto is on a distinguished road
Default

Quote:
Originally Posted by speedtrap
3ivX is an MPEG-4 ASP codec, just like DivX and Xvid.

That simply means that you don't need the 3ivX codec, because for example ffdshow is also able to decode the video.

The DivX and Xvid decoders can also decode video encoded by 3ivX. It may be needed to change the FourCC. But it is very well possible that they are able to recognize the FourCCs used by 3ivX, when turning on their respective "Generic MPEG-4" decoding options.

I don't think so, or at least I never saw this happening. Neither DivX nor XviD decodes 3ivX or VP codecs. The other way, yes, VP and 3ivX do decode DivX and XviD. As far as I know, DivX and XviD are more like "home user" codecs while the others are professional ones.
  #7 (permalink)  
Old 11th December 2007
J7N
Senior Member
BS.Player Power User
 
Join Date: Feb 2006
Location: Cyberspace
Posts: 762
Rep Power: 0
J7N is an unknown quantity at this point
Default

VPx is a different format, not directly related to MPEG-4. You need either ffdshow or the On2 libraries.

I agree with speedtrap about MPEG-4 ASP. It's absolutely unnecessary to install DivX and XviD and 3ivx, and ffdshow.

If you need only MPEG-4 ASP and don't care about exotic codecs, go with XviD, otherwise install ffdshow. DivX is out of the question for newbies, as it's not easy to find the bare decoder now, when DivXNetworks offers a bloated installer only. And those like Tizio, who know how to install DivX 5, don't need to ask here.

DivX6 indeed looks very unprofessionally bloated. But this fact should not build any reputation for MPEG-4 ASP as a format. Look at AAC for example. You could associate it with iTunes and conclude it to be unprofessional. Yet there are radio stations who use hardware AAC encoders to transmit their programming to relay broadcasters.