Filtered by vendor Blazevideo
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-10031 | 1 Blazevideo | 1 Hdtv Player | 2025-08-06 | N/A |
| BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA() to extract a filename from a URL-like string. The returned value is then copied to a fixed-size stack buffer using an inline strcpy call without bounds checking. If the input exceeds the buffer size, this leads to a stack overflow and potential arbitrary code execution under the context of the user. | ||||
| CVE-2009-0450 | 1 Blazevideo | 1 Hdtv Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file. | ||||
| CVE-2006-6199 | 1 Blazevideo | 1 Blaze Dvd | 2025-04-09 | N/A |
| Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist. | ||||
| CVE-2006-6396 | 1 Blazevideo | 1 Hdtv Player | 2025-04-09 | N/A |
| Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist, a different product than CVE-2006-6199. NOTE: it was later reported that 3.5 is also affected. | ||||
Page 1 of 1.