Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusTenable5165.PRM
HistorySep 11, 2009 - 12:00 a.m.

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows XP 32-bit)

2009-09-1100:00:00
Tenable
www.tenable.com
14

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.961

Percentile

99.5%

JSON

The remote Windows host contains a version of the Windows Media Format Runtime that is affected by multiple issues :

  • The ASF parser has an invalid free vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted ASF file, which could lead to arbitrary code execution. (CVE-2009-2498)

  • The MP3 parser has a memory corruption vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted MP3 file, which could lead to arbitrary code execution. (CVE-2009-2499)

Note that this patch is not available for unsupported Service Packs.

Binary data 5165.prm

Related

nessus 5
securityvulns 2
openvas 2
jvn 1
cvelist 2
cve 2
prion 2
seebug 2
checkpoint_advisories 4
nvd 2
nessus
nessus
MS09-047: Windows Media Format Multiple Vulnerabilities (Windows Vista / Server 2008)
2009-09-11 00:00:00
MS09-047: Windows Media Format Multiple Vulnerabilities (Windows Server 2003)
2009-09-11 00:00:00
MS09-047: Windows Media Format Multiple Vulnerabilities (Windows XP 64-bit)
2009-09-11 00:00:00
securityvulns
securityvulns
Microsoft Windows Media formats security vulnerabilities
2009-09-09 00:00:00
Microsoft Security Bulletin MS09-047 - Critical Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812)
2009-09-09 00:00:00
openvas
openvas
Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
2009-09-10 00:00:00
Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)
2009-09-10 00:00:00
jvn
jvn
JVN#62211338 Buffer overflow vulnerability in Microsoft Windows
2009-09-09 00:00:00
cvelist
cvelist
CVE-2009-2499
2009-09-08 22:00:00
CVE-2009-2498
2009-09-08 22:00:00
cve
cve
CVE-2009-2499
2009-09-08 22:30:00
CVE-2009-2498
2009-09-08 22:30:00
prion
prion
Memory corruption
2009-09-08 22:30:00
Design/Logic Flaw
2009-09-08 22:30:00
seebug
seebug
Microsoft Windows Media Format运行时库ASF头无效释放内存破坏漏洞(MS09-047)
2009-09-11 00:00:00
Microsoft Windows Media Format运行时库MP3元数据解析内存破坏漏洞(MS09-047)
2009-09-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows MP3 File Media Playback Memory Corruption (MS09-047; CVE-2009-2499)
2009-09-08 00:00:00
Windows MP3 Media File Format Parsing Code Execution - Ver2 (CVE-2009-2499)
2014-03-03 00:00:00
Microsoft Windows ASF File Media Header Parsing Code Execution - Ver2 (CVE-2009-2498)
2014-03-03 00:00:00
nvd
nvd
CVE-2009-2499
2009-09-08 22:30:00
CVE-2009-2498
2009-09-08 22:30:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.961

Percentile

99.5%

JSON
Related for 5165.PRM
nessus5securityvulns2openvas2jvn1cvelist2cve2prion2seebug2checkpoint_advisories4nvd2