Buffer overflow in Nero Media Player
An exploit for a bug in Nero Media Player has been published that demonstrates how crafted M3U files can provoke a buffer overflow. The exploit merely generates a file with an over-long URI which crashes the media player, but the buffer overflow can also apparently be used to inject and execute code. For this to happen, however, the victim must download and open a crafted file or visit a crafted web page.
The bug was discovered in version 18.104.22.168b. Other versions are also likely to be affected. No patch is yet available and it is questionable whether there will be one, as the player has not been updated for some time. Users should consider using an alternative media player and uninstalling Nero Media Player. It is currently difficult to recommend a media player for Windows that is free of security issues. The media player with the fewest reports of security vulnerabilities in recent months has been Windows Media Player.
- NERO Media Player <= 22.214.171.124b Remote Buffer Overflow( .M3U), security advisory from Securfrog