Release DateJan 07, 2012 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can remote execute arbitrary code. |
DescriptionThis indicates an attack attempt against a Buffer Overflow vulnerability in AVID Media Composer.The vulnerability is caused by an error when the Phonetic Indexer (AvidPhoneticIndexer.exe) in the vulnerable software handles malicious packets. It allows a remote attacker to execute arbitrary code via sending a large crafted request. |
Affected ProductsAVID Media Composer 5.5.3 and earlier versions |
Recommended ActionsCurrently we are not aware of any vendor supplied patch for this issue. Don't access to untrusted hosts. |
Coverage IPS
VCM |
Reference/shttp://osvdb.org/show/osvdb/77376http://www.security-assessment.com/files/documents/advisory/Avid_Media_Composer-Phonetic_Indexer-Remote_Stack_Buffer_Overflow.pd |
