Official BS.Player forums  

Go Back   Official BS.Player forums > Main forum > Bug Reports And Codecs

Bug Reports And Codecs Report BS.Player bugs here - help us to improve BS.Player even further.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 9th December 2010
Junior Member
BS.Player Newbie
 
Join Date: Dec 2010
Age: 44
Posts: 3
Rep Power: 0
Niiub is on a distinguished road
Default Security issue BS.Player Free?

Hej Guys i wrote some days a email to the support but got no response.
I made a security audit of the BS.Player Free, and found a possebility to take controll of the Process if someone start a manipullated XYZ file with the Player.
Let's look at some Screenshot: [removed]

you see the loaded BS.Player in a debugger and you see the overwritten XYZXYZ it means we can take controlle of the Process and let execute some evil code.

I don't know if the Pro version is alsow affected, but i think so. It have to be fixed bevor some people try to use this bug and attack the customers. If the developers are interested in the manipullated file and more Information please Contact me.

Thanks,
Niiub

Edit//

Thanks BSPeter hope they can fix the security issues. :) For Help contact me by email or PM :)

Last edited by Niiub; 9th December 2010 at 11:56 PM.
Reply With Quote
  #2 (permalink)  
Old 9th December 2010
BSPeter's Avatar
Moderator
BS.Player Master
 
Join Date: Nov 2002
Location: The Netherlands
Posts: 5,463
Rep Power: 32
BSPeter is on a distinguished road
Default

I copied full contents of your post to a non-public area of the forum and will ask a BS.Player team member's attention to it.

[I edited a part of your post; but only here, not in the copy.]
__________________
Help2Help (click) BSplayer: simply the best & most versatile (Build 1072 Dutch language here!)
When posting always mention your computer's OS and the version and build number(!) of BS.Player as used by you,
as well as - if applicable and especially when encountering problems - the type(s) of the file(s) mentioned in your post.
Private messages/Visitor messages are NOT for seeking personal help with respect to BS.Player! Instead use the forums!
Reply With Quote
  #3 (permalink)  
Old 10th December 2010
Ico-man's Avatar
BS.Support
BS.Player Power User
 
Join Date: Sep 2006
Location: Slovenia
Posts: 1,469
Rep Power: 10
Ico-man is on a distinguished road
Default

Thank you for reporting. Will be fixed in next version.
Reply With Quote
Reply

Tags
buffer, free, overflow

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules

Similar Threads
Thread Thread Starter Forum Replies Last Post
BS.Player FREE download website Ico-man Download BS.Player 11 19th May 2022 05:33 PM
Bugs/cosmetical issues re GUI/translation of BS.Player versions 252/253/254 BSPeter Bug Reports And Codecs 19 2nd August 2010 08:15 PM
About my free BS.Player PRO license for translator jiu BS.Player Translations 1 13th October 2009 04:34 PM
NO Adware bundled in BS.Player FREE anymore! Mat2000 BS. Player ControlBar 12 24th February 2009 10:52 PM


All times are GMT +1. The time now is 07:09 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
Ad Management plugin by RedTyger

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20