Application movie file buffer overflow (AVI_Very_Large)

About this signature or vulnerability

RealSecure Server Sensor, RealSecure Network, BlackICE PC Protection, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, IBM Security Server Protection for Windows, BlackICE Server Protection, Proventia Desktop, Proventia Network IPS, Virtual Server Protection for VMware, Proventia Server IPS for Linux technology:

This signature detects a very large AVI movie file, which could lead to remote code execution in vulnerable applications.


Default risk level

High

Sensors that have this signature

RealSecure Server Sensor: XPU 28.150, RealSecure Network: XPU 28.150, BlackICE PC Protection: 3.6cri, Proventia Network MFS: XPU 28.150, Proventia-G 1.1 and earlier: XPU 28.150, Proventia Network IDS: XPU 28.150, IBM Security Server Protection for Windows: 2.1.14.2400, IBM Security Server Protection for Windows: 2.0.300.2290, IBM Security Server Protection for Windows: 1.0.914.2290, BlackICE Server Protection: 3.6.cri, Proventia Desktop: 2290, Proventia Network IPS: XPU 28.150, Virtual Server Protection for VMware: 1.0, Proventia Server IPS for Linux technology: 28.150

Systems affected

IBM AIX, WindRiver BSDOS, Linux Kernel, Sun Solaris, Microsoft Windows, Data General DG/UX, SCO SCO Unix, Compaq Tru64, Xvid Xvid: 1.1.2, Xvid Xvid: 1.1.3, Xvid Xvid: 1.2.1

Type

Unauthorized Access Attempt

Vulnerability description

Xvid is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in the DirectShow component of the Xvid codec when it handles error conditions. By persuading a victim to set up a rendering pipeline, a remote attacker could overflow a buffer to corrupt memory and execute arbitrary code on the system.

How to remove this vulnerability

Upgrade to the latest version of Xvid (1.2.2 or later), available from the Xvid Web site. See References.

References

Xvid Web site
Xvid.org: Xvid 1.2.2 released
http://www.xvid.org/News.64.0.html?&cHash=0170b4e439&tx_ttnews[backPid]=64&tx_ttnews[tt_news]=7

Xvid CVS Repository
Diff of /xvidcore/src/decoder.c
http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/decoder.c?r1=1.80&r2=1.81

ISS X-Force
Application movie file buffer overflow
http://www.iss.net/security_center/static/44655.php

CVE
CVE-2009-0894
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0894