ID
VAR-190001-0706
TITLE
HTC Touch2 T3333 HTCVideoPlayer Memory Corruption Vulnerability
Trust: 0.9
DESCRIPTION
The HTC Touch2 T3333 is a 3G smartphone based on the WM6.5 system. HTCVideoPlayer is the default media player for HTC Windows mobile devices. There is a memory corruption vulnerability when parsing the stbl atom of the 3g2 video format. Building malicious files to entice users to parse can cause an application to crash. HTCVideoPlayer is prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions
Trust: 0.81
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | htc | model: | touch2 t3333 | scope: | - | version: | - | Trust: 0.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
Unknown
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 50999 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2011-5235 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201112-156 | Trust: 0.6 |
REFERENCES
| url: | http://www.securityfocus.com/archive/1/520800 | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/50999 | Trust: 0.6 |
| url: | http://www.htc.com/www/ | Trust: 0.3 |
| url: | /archive/1/520800 | Trust: 0.3 |
CREDITS
Celil UNUVER of SignalSEC Labs
Trust: 0.9
SOURCES
| db: | CNVD | id: | CNVD-2011-5235 |
| db: | BID | id: | 50999 |
| db: | CNNVD | id: | CNNVD-201112-156 |
LAST UPDATE DATE
2022-05-17T01:42:56.277000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-5235 | date: | 2011-12-13T00:00:00 |
| db: | BID | id: | 50999 | date: | 2011-12-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201112-156 | date: | 2011-12-13T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-5235 | date: | 2011-12-13T00:00:00 |
| db: | BID | id: | 50999 | date: | 2011-12-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201112-156 | date: | 1900-01-01T00:00:00 |