Forum Thread: K-Lite Codec Pack completely mis-detected

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
KL Software
And, this specific program:
K-Lite Mega Codec Pack 1.x

This thread has been marked as locked.
stephensussman K-Lite Codec Pack completely mis-detected
Member 21st May, 2011 00:15
Ranking: 1
Posts: 8
User Since: 9th Dec, 2010
System Score: N/A
Location: N/A
It's really admirable of Secunia to include K-Lite Codec Pack in the database, because codecs can certainly be an attack vector, but you are delivering the wrong information.

KLCP has two different "version numbers" and it is currently 7.1.8 (32-bit) and 4.6.0 (64-bit), although these days the 32-bit updaters also install the 64-bit codecs and people generally refer to the 32-bit version number these days.

PSI reports any and all versions of KLCP as "Mega Codec Pack 1.x". Firstly, it isn't Mega. I am running standard. Again admirable if you want to detect at that level of specificity, but it does no good if it's wrong. And of course the version number problem is apparent... this is certainly not version 1.x.

I understand it may be hard to detect correctly... but reporting any version as "1.0" is kind of pointless and does not improve security at all, so it should either be fixed or deleted.

I can suggest instead of detecting KLCP itself (which is really just a collection) you could detect its main constituent parts - ffmpeg/ffdshow, TSmuxer, etc.

Problem report is below:

---START---

Program Name:
K-Lite Mega Codec Pack 1.x

Security State:
Patched

Download Link:


Instances Found:
C:\Program Files (x86)\K-Lite Codec Pack\psvince.dll, version: 1.0.0.0

Last System Scan (localtime):
18. May 2011, 23:18

Operating System:
Microsoft Windows 7 (64-bit)

Anthony Wells RE: K-Lite Codec Pack completely mis-detected
Expert Contributor 21st May, 2011 23:35
Score: 2437
Posts: 3,323
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi,

There is the need for the PSI to detect the file metadata which relates to a version of any programme detected. A different file to the one which actually detects the programme may be needed to supply the version #.

C:\Program Files (x86)\K-Lite Codec Pack\psvince.dll, version: 1.0.0.0

is the file detecting the software; but for the version you will need to look elsewhere in the

C:\Program Files (x86)\K-Lite Codec Pack\ ... folder

and you will need to find a detectable file, e.g. an .exe, .dll or similar, which contains the version data. Then you can submit that to Secunia using the "Are you missing a program" link at the top right of the scan results page.

I am short of time, but a quick look in my Full version 7.1.8 0 folder (installer 717_20110506) does not produce anything useful; plus you will see here that the various items you suggest have their own numbers:

http://www.codecguide.com/features_standard.htm

A further complication lies in the various installation options available for custom loading the pack and which the PSI would be unlikely to determine as to their individual selection.

On the bright side, the MPC Home-Cinema is displayed separately (currently as version 1.5.2.3086) and as it could be a serious risk it is good to know if you are up to date with the latest security patches (not to be confused with bug and eye candy fixes). So you may not find a file for the pack but you could suggest parts of the install that interest you and have a "measurable" version file.

Hope that helps, support will be back tomorrow (Monday CET) and may have something to add/change to the above.

Take care

Anthony

--


It always seems impossible until it's done.
Nelson Mandela
Was this reply relevant?
+2
-0
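
As an added illustration of the reply above (not part of the original thread and not Secunia's code): a sketch that scans a folder's .exe/.dll/.ax files for the Windows VS_FIXEDFILEINFO version block and lists those whose file version is not the 1.0.0.0 reported for psvince.dll. The function names and the signature-scan shortcut (instead of walking the PE resource tree) are assumptions of this example, and sample_binary builds constructed test bytes, not a real PE file.

```python
import struct
import sys
from pathlib import Path

SIGNATURE = struct.pack("<I", 0xFEEF04BD)   # VS_FIXEDFILEINFO.dwSignature
STRUC_VERSION = 0x00010000                  # usual dwStrucVersion value
BINARY_SUFFIXES = {".exe", ".dll", ".ax"}   # .ax = DirectShow filter


def dotted(ms, ls):
    """Turn the MS/LS DWORD pair into the familiar a.b.c.d string."""
    return f"{ms >> 16}.{ms & 0xFFFF}.{ls >> 16}.{ls & 0xFFFF}"


def fixed_file_versions(data):
    """Return (file_version, product_version) from the first plausible
    VS_FIXEDFILEINFO block in data, or None if there is none."""
    pos = data.find(SIGNATURE)
    while pos != -1:
        if pos + 24 <= len(data):
            _sig, struc, f_ms, f_ls, p_ms, p_ls = struct.unpack_from("<6I", data, pos)
            if struc == STRUC_VERSION:      # reject chance matches of the magic
                return dotted(f_ms, f_ls), dotted(p_ms, p_ls)
        pos = data.find(SIGNATURE, pos + 1)
    return None


def version_candidates(folder, placeholder="1.0.0.0"):
    """List (name, file_version, product_version) for binaries under folder
    whose file version differs from the placeholder value."""
    found = []
    for path in sorted(Path(folder).rglob("*")):
        if path.is_file() and path.suffix.lower() in BINARY_SUFFIXES:
            versions = fixed_file_versions(path.read_bytes())
            if versions and versions[0] != placeholder:
                found.append((path.name, *versions))
    return found


def sample_binary(file_ver, product_ver):
    """Constructed input: padding plus a version block, not a real PE file."""
    def pack(v):
        return (v[0] << 16) | v[1], (v[2] << 16) | v[3]
    block = struct.pack("<6I", 0xFEEF04BD, STRUC_VERSION, *pack(file_ver), *pack(product_ver))
    return b"MZ" + b"\0" * 62 + block + b"\0" * 28


if __name__ == "__main__":
    for name, file_ver, product_ver in version_candidates(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{name}: file {file_ver}, product {product_ver}")
```

Files that come back from version_candidates are the ones worth checking as a version source; an empty list matches the situation described in the reply, where nothing in the folder carries a usable version.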
Anthony Wells RE: K-Lite Codec Pack completely mis-detected
Expert Contributor 21st May, 2011 23:35
Score: 2437
Posts: 3,323
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
Last edited on 21st May, 2011 23:39

Double post deleted .

--


It always seems impossible until it's done.
Nelson Mandela
Was this reply relevant?
+0
-0
