Rule

--
Sid
14019

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in CyberLink PowerDVD.

--
Impact:
Serious. Execution of code is possible.

--
Detailed Information:
The CyberLink PowerDVD application fails to correctly parse playlist files supplied by a user. This may allow a remote attacker to execute code on an affected system.

--
Affected Systems:
CyberLink PowerDVD 8.0 and prior

--
Attack Scenarios:
An attacker needs to supply a malformed playlist file to the application.

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Apply the appropriate vendor supplied patches.

Upgrade to the latest non-affected version of the software.

--
Contributors:
Sourcefire Vulnerability Research Team

--
Additional References:


--
