9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.963 High
EPSS
Percentile
99.5%
The remote Windows host contains a version of the Windows Media Format Runtime that is affected by multiple issues :
The ASF parser has an invalid free vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted ASF file, which could lead to arbitrary code execution. (CVE-2009-2498)
The MP3 parser has a memory corruption vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted MP3 file, which could lead to arbitrary code execution. (CVE-2009-2499)
Binary data 5167.prm
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_media_format_runtime | cpe:/a:microsoft:windows_media_format_runtime |