Related information

StreamAudio ChainCast ProxyManager  ActiveX buffer overflow

From:	Elazar Broad <elazar_(at)_hushmail.com>
Date:	13.01.2008
Subject:	[Full-disclosure] StreamAudio ChainCast ProxyManager ccpm_0237.dll Buffer Overflow

Who:
http://www.streamaudio.com
StreamAudio(formerly ChainCast) is a provides streaming media for
radio broadcasters.

What:
StreamAudio utilizes an Active control that acts as a proxy between
StreamAudio and Windows Media Player which actually plays the
content.
This control is marked as follows:
{2253F320-AB68-4A07-917D-4F12D8884A06}
IObjectSafety:
IO. Safe for scripting (IDispatch)

How:
The first parameter of the InternalTuneIn() method expects a URL to
passed it and it fails to properly check the length of the supplied
data. The SEH  is overwritten after 248 bytes.

Fix:
Set the killbit for this this control, see
http://support.microsoft.com/kb/240797

Elazar


--
Self Storage Options - Click Here.
http://tagline.hushmail.com/fc/Ioyw6h4eNgRQWOP1FhRQ2cKm8Nmb4ptQwJo9icblrmiIEVMf7O
xT9O/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/