Heap-based Buffer Overflow in Intel Indeo41 Codec for Windows Media Player by Microsoft
CVE-2009-4309

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Media Player
Windows 2000
Windows 2003 Server
Windows Xp
Vendor
CVE Published:
13 December 2009

What is CVE-2009-4309?

A heap-based buffer overflow exists in the Intel Indeo41 codec used by Windows Media Player, posing a risk to systems running Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2. This vulnerability can be exploited by remote attackers through specially crafted media files, particularly those containing AVI format, to execute arbitrary code. By supplying a large size value in a movi record within an IV41 stream, an attacker could take control of the affected system, highlighting the critical need for users to apply security updates and take proactive measures to mitigate risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://support.microsoft.com/kb/955759
vendor-advisoryx_refsource_MSKB
http://www.securityfocus.com/archive/1/508324/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/54642
vdb-entryx_refsource_XF

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.