CVE-2010-3138

Untrusted search path vulnerability in the Indeo Codec in iac2532.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that...

Design/Logic Flaw

Untrusted search path vulnerability in the Indeo Codec in iac2532.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that...

CVE-2010-3138

The CVE-2010-3138 issue affects Microsoft Windows XP SP3 with the Indeo Codec (iac25_32.ax) loading an insecure library (iacenc.dll) from the current working directory, enabling local privilege escalation via crafted .avi/.mka/.ra/.ram files (e.g., through players like BS.Player or Media Player C...

CVE-2010-3138

Untrusted search path vulnerability in the Indeo Codec in iac2532.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that...

ffdshow Video CODEC Denial Of Service

!/usr/bin/perl Exploit Title: Malformed MP4 Local DoS for ffdshow Video Codec tryouts rev. 3467 20100713 x86 Date: 08/08/2010 Author: Nishant Das Patnaik Web: http://nishantdaspatnaik.yolasite.com Software Link: ftp://majorgeeks.mirror.internode.on.net/multimedia/K-LiteCodecPack620Mega.exe Versio...

CVE-2010-2553

The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."...

CVE-2010-1882

Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...

Buffer overflow

Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...

Design/Logic Flaw

The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."...

CVE-2010-2553

The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."...

CVE-2010-1882

CVE-2010-1882 corresponds to a memory corruption/buffer overflow in the Microsoft DirectShow MPEG Layer-3 Audio Codec (l3codecx.ax). The vulnerability exists in the MPEG Layer-3 codec used by Windows Media/DirectShow and can be triggered by a specially crafted MPEG‑L3 audio stream in a media file...

CVE-2010-2553

The CVE-2010-2553 issue affects the Cinepak codec (iccvid.dll) used by Windows XP SP2/SP3, Vista SP1/SP2, and Windows 7. A flaw in how the Cinepak codec decompresses certain media files allows remote attackers to execute arbitrary code by convincing a user to open a crafted file. Microsoft releas...

CVE-2010-1882

Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...

Remote Code Execution Vulnerability in Cinepak Codec (982665)

This host is missing a critical security update according to Microsoft Bulletin MS10-055. OpenVAS Vulnerability Test $Id: secpodms10-055.nasl 5934 2017-04-11 12:28:28Z antu123 $ Remote Code Execution Vulnerability in Cinepak Codec 982665 Authors: Veerendra GG Updated By: Madhuri D on 2010-09-11 -...

Microsoft Windows Cinepak codec memory corruption

Memory corruption on data decompression...

ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability

ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-148 August 10, 2010 -- CVE ID: CVE-2010-2553 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Microsoft -- Affected Products: Microsoft File Format...

Microsoft Security Bulletin MS10-055 - Critical Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)

Microsoft Security Bulletin MS10-055 - Critical Vulnerability in Cinepak Codec Could Allow Remote Code Execution 982665 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Cinepak Codec. The vulnerabilit...

MS10-055: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)

The Cinepak codec on the remote host has an unspecified code execution vulnerability. A remote attacker could exploit this by tricking a user into opening a specially crafted media file, resulting in arbitrary code execution. C Tenable Network Security, Inc. include"compat.inc"; if description...

Remote Code Execution Vulnerability in Cinepak Codec (982665)

This host is missing a critical security update according to Microsoft Bulletin MS10-055. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft MPEG Layer-3 Codecs Memory Corruption (MS10-052; CVE-2010-1882)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. A remote code execution vulnerability has been reported in the Microsoft DirectShow MP3 filter. The vulnerability is within the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax. The Microsoft MPE...