8.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.089 Low
EPSS
Percentile
94.4%
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
CPE | Name | Operator | Version |
---|---|---|---|
windows_xp | eq | - sp2 | |
windows_xp | eq | sp2x64 |
secunia.com/advisories/37592
securitytracker.com/id?1023302
support.microsoft.com/kb/954157
support.microsoft.com/kb/955759
support.microsoft.com/kb/976138
www.microsoft.com/technet/security/advisory/954157.mspx
www.osvdb.org/60855
www.securityfocus.com/archive/1/508324/100/0/threaded
www.securityfocus.com/bid/37251
www.vupen.com/english/advisories/2009/3440
zerodayinitiative.com/advisories/ZDI-09-089/
exchange.xforce.ibmcloud.com/vulnerabilities/54642
exchange.xforce.ibmcloud.com/vulnerabilities/54645
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188