Official BS.Player forums

Official BS.Player forums (http://forum.bsplayer.com/index.php)
-   Bug Reports And Codecs (http://forum.bsplayer.com/forumdisplay.php?f=10)
-   -   Security issue BS.Player Free? (http://forum.bsplayer.com/showthread.php?t=11901)

Niiub 9th December 2010 10:09 PM

Security issue BS.Player Free?
 
Hej Guys i wrote some days a email to the support but got no response.
I made a security audit of the BS.Player Free, and found a possebility to take controll of the Process if someone start a manipullated XYZ file with the Player.
Let's look at some Screenshot: :confused: [removed] :confused:

you see the loaded BS.Player in a debugger and you see the overwritten XYZXYZ it means we can take controlle of the Process and let execute some evil code.

I don't know if the Pro version is alsow affected, but i think so. It have to be fixed bevor some people try to use this bug and attack the customers. If the developers are interested in the manipullated file and more Information please Contact me.

Thanks,
Niiub

Edit//

Thanks BSPeter hope they can fix the security issues. :) For Help contact me by email or PM :)

BSPeter 9th December 2010 10:38 PM

I copied full contents of your post to a non-public area of the forum and will ask a BS.Player team member's attention to it.
:wink:
[I edited a part of your post; but only here, not in the copy.]

Ico-man 10th December 2010 10:40 AM

Thank you for reporting. Will be fixed in next version.


All times are GMT +1. The time now is 02:58 AM.

Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
Ad Management plugin by RedTyger


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20