Heap-based Buffer Overflow in Windows Media Format Runtime by Microsoft
CVE-2007-0064

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Media Format Runtime
Vendor: CVE Published:; 12 December 2007

Summary

The vulnerability arises from a heap-based buffer overflow in the Windows Media Format Runtime, specifically affecting versions 7.1, 9, 9.5, 9.5 x64 Edition, and 11, along with Windows Media Services 9.1. When a user opens a specially crafted Advanced Systems Format (ASF) file, it can lead to arbitrary code execution by remote attackers. This poses significant security risks, especially in environments where media files are frequently accessed. Mitigation requires timely updates and adherence to security best practices.

References

http://www.securitytracker.com/id?1019074

vdb-entryx_refsource_SECTRACK

http://www.kb.cert.org/vuls/id/319385

third-party-advisoryx_refsource_CERT-VN

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

69% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Jan 4, 2007