CVE-2009-4310

Currently unrated

Key Information:

Vendor
Microsoft
Status
Windows 2000
Windows 2003 Server
Windows Xp
Media Player
Vendor
CVE Published:
13 December 2009

Summary

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file.

References

http://support.microsoft.com/kb/955759
vendor-advisoryx_refsource_MSKB
http://securitytracker.com/id?1023302
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/37251
vdb-entryx_refsource_BID

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.