Is BSplayer vulnerable to latest overflow vulnerability?

[alien51]

Hello!

I was wondering if BSplayer is vulnerable to this latest threat published at:
http://www.securityfocus.com/bid/26773/discuss

The advisory cites WMP and I've also read that Winamp is also affected, hence the question. And if so what precautionary measures should users take?

tks

[Tizio]

I think that every player that uses 3ivX codec is affected by this thread.
Just use another decoder or simply use a good firewall and block inbound flow for BSplayer (or block the access to 3ivX codec by other applications)

[alien51]

Thanks for the reply, Tizio.

Even though it is not strictly related to BSplayer could you explain how one goes about to disable the 3ivx codec? I don't even know how to identify if it's installed on my system...

[Tizio]

If you don't know if it's installed or not I doubt you have it installed..
If you have not installed a codec pack that include it in it's installer you don't have it installed (thake a look at "Add/Remove programs" item in Windows Control Panel)

Anyway it's a low risk threat in my opinion since the "attacker" must know that your are running a player with that particular codec and you need to have BSplayer to listen to inbound connections and/or 3ivX codec to do so too, and the streams that need 3ivX to decode them are really few nowadays. Yes, there could be the remote possibility that full time scanners are used to scan all your ports for weakness, but if you have a firewall installed (even the worst one such as Windows Firewall one) these attemps will be unsuccessful.

Plus remember one thing: If a hacker wants to take posses of your computer he will do!

Personal firewalls are intended to protect users by them self in first place, and from the majority of automated hacking methods. But to professional hackers those make only the work harder, not impossible. Exactly the same as house alarms. They can keep casual thieve away from your home, but Lupin knows how to break them.

"the weak link in the chain is almost always the man himself"

[speedtrap]

3ivX is an MPEG-4 ASP codec, just like DivX and Xvid.

That simply means that you don't need the 3ivX codec, because for example ffdshow is also able to decode the video.

The DivX and Xvid decoders can also decode video encoded by 3ivX. It may be needed to change the FourCC. But it is very well possible that they are able to recognize the FourCCs used by 3ivX, when turning on their respective "Generic MPEG-4" decoding options.

[adicoto]

Quote:

Originally Posted by speedtrap

3ivX is an MPEG-4 ASP codec, just like DivX and Xvid.

That simply means that you don't need the 3ivX codec, because for example ffdshow is also able to decode the video.

The DivX and Xvid decoders can also decode video encoded by 3ivX. It may be needed to change the FourCC. But it is very well possible that they are able to recognize the FourCCs used by 3ivX, when turning on their respective "Generic MPEG-4" decoding options.

I don't think so, or at least I never saw this happeninig. Nor DivX neither XviD don't decode 3ivX or VP codecs. The other way, yes, VP and 3ivX do decode DivX and XviD. As far as I know, DivX and XviD are more like a "home user" codecs while the others are profesional ones.

[J7N]

VPx is a different format, not directly related to MPEG-4. You need either ffdshow or the On2 libraries.

I agree with speedtrap about MPEG-4 ASP. It's absolutely unnecessary to install DivX and XviD and 3ivx, and ffdshow.

If you need only MPEG-4 ASP and don't care about exotic codecs, go with XviD, otherwise install ffdshow. DivX is out of question for newbies, as it's not easy to find the bare decoder now, when DivXNetworks offers a bloated installer only. And those like Tizio, who know how to install DivX 5,don't need to ask here.

DivX6 indeed looks very unprofessionally bloated. But this fact should not build any reputation for MPEG-4 ASP as a format. Look at AAC for example. You could associate it with iTunes and conclude it to be unprofessional. Yet there are radio stations who use hardware AAC encoders to transmit their programming to relay broadcasters.