Stack-based Buffer Overflow in MPEG Layer-3 Codecs for Microsoft Windows Products
CVE-2010-0480

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2000
Vendor: CVE Published:; 14 April 2010

What is CVE-2010-0480?

This vulnerability stems from multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs used within several Microsoft Windows operating systems. A remote attacker may exploit this issue by sending a specially crafted AVI file, enabling arbitrary code execution on the affected system. This can result in unauthorized control over the system, data corruption, or denial of service, posing significant risks to users and their data.

References

http://securityreason.com/securityalert/8336

third-party-advisoryx_refsource_SREASON

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2010
Vulnerability Reserved
Feb 2, 2010