Win32 Codecs: User-assisted execution of arbitrary code

Win32 Codecs: User-assisted execution of arbitrary code A buffer overflow vulnerability in Win32 Codecs can potentially allow for user-assisted arbitrary code execution. win32codecs 2013-12-16 2013-12-16 232999 remote 20071007-r4

Win32 Codecs is a set of Windows audio and video playback codecs.

A heap-based buffer overflow exists when handling Shockwave Flash files.

A remote attacker could entice a user to open a specially crafted Flash file using a package linked against Win32 Codecs, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

There is no known workaround at this time.

Gentoo has discontinued support for Win32 Codecs. We recommend that users unmerge Win32 Codecs:


      # emerge --unmerge "media-libs/win32codecs"

CVE-2007-5400 creffett creffett