file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header

Impact A denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value becomes negative -24, causing tokenizer.ignorepayload to move the rea...

PT-2026-24463

file-type detects the file type of a file, stream, or data. Prior to 21.3.1, a denial of service vulnerability exists in the ASF WMV/WMA file type detection parser. When parsing a crafted input where an ASF sub-header has a size field of zero, the parser enters an infinite loop. The payload value...

MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 (wmvdmod.dll), and for Windows Media Player 11 and 12: July 9, 2013

MS13-057: Description of the security update for Windows Media Format Runtime 9 and 9.5 wmvdmod.dll, and for Windows Media Player 11 and 12: July 9, 2013 INTRODUCTION Microsoft has released security bulletin MS13-057. To view the complete security bulletin, visit one of the following Microsoft...

MS13-057: Description of the security update for Windows Media Format Runtime 9.5 and 11 (wmvdecod.dll) on Windows XP and Windows Server 2003: July 9, 2013

MS13-057: Description of the security update for Windows Media Format Runtime 9.5 and 11 wmvdecod.dll on Windows XP and Windows Server 2003: July 9, 2013 INTRODUCTION Microsoft has released security bulletin MS13-057. To view the complete security bulletin, go to one of the following Microsoft...

Remote code execution

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Cod...

Windows Media Format Runtime Remote Code Execution Vulnerability (2847883)

This host is missing a critical security update according to Microsoft Bulletin MS13-057. OpenVAS Vulnerability Test $Id: secpodms13-057.nasl 5339 2017-02-18 16:28:22Z cfi $ Windows Media Format Runtime Remote Code Execution Vulnerability 2847883 Authors: Arun kallavi Thanga Prakash S on 2013-08-...

MS13-057: Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)

The remote Windows host is potentially affected by a vulnerability that could allow remote code execution if a user opens a malicious media file. Successful exploitation of this vulnerability could allow an attacker to gain the same user rights as the local user. C Tenable Network Security, Inc...

MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)

The remote Windows host has multiple unspecified code execution vulnerabilities related to media decompression. A remote attacker could exploit this by tricking a user into opening a specially crafted media file, resulting in arbitrary code execution. C Tenable Network Security, Inc...

Microsoft Media Decompression Remote Code Execution Vulnerability (979902)

This host is missing a critical security update according to Microsoft Bulletin MS10-033. OpenVAS Vulnerability Test $Id: secpodms10-033.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Media Decompression Remote Code Execution Vulnerability 979902 Authors: Veerendra GG Updated By: Madhuri D on...

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

Microsoft Windows Media Format运行时库MP3元数据解析内存破坏漏洞（MS09-047）

BUGTRAQ ID: 36228 CVECAN ID: CVE-2009-2499 Windows Media Format Runtime用于向使用Windows Media内容的应用程序提供信息和工具。 Windows Media Format运行时环境在处理MP3文件时没有正确地处理特制的元数据，用户受骗打开了特制文件或从网站打开了特制的流内容就会触发内存破坏，导致执行任意指令。 Microsoft Windows Media Services 9.1 Microsoft Windows Media Services 2008 Microsoft Windows Media...

Microsoft Windows Media Format运行时库ASF头无效释放内存破坏漏洞（MS09-047）

BUGTRAQ ID: 36225 CVECAN ID: CVE-2009-2498 Windows Media Format Runtime用于向使用Windows Media内容的应用程序提供信息和工具。 Windows Media Format运行时环境在处理ASF文件头时存在错误，用户受骗打开了特制文件或从网站打开了特制的流内容就会触发对已释放内存的无效调用，导致执行任意指令。 Microsoft Windows Media Services 9.1 Microsoft Windows Media Services 2008 Microsoft Windows Media...

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows Vista / Server 2008)

Binary data 5167.prm...

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows 2000)

Binary data 5163.prm...

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows Server 2003)

Binary data 5164.prm...

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows XP 64-bit)

Binary data 5166.prm...

MS09-047: Windows Media Format Multiple Vulnerabilities (Windows XP 32-bit)

Binary data 5165.prm...

Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)

This host is missing a critical security update according to Microsoft Bulletin MS09-047. OpenVAS Vulnerability Test $Id: secpodms09-047.nasl 9122 2018-03-17 14:01:04Z cfischer $ Microsoft Windows Media Format Remote Code Execution Vulnerability 973812 Authors: Antu Sanadi Updated By: Madhuri D o...

Microsoft Windows Media Format Remote Code Execution Vulnerability (973812)

This host is missing a critical security update according to Microsoft Bulletin MS09-047. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...