ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability

ZDI-10-008: RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-008 January 21, 2010 -- CVE ID: CVE-2009-4244 -- Affected Vendors: RealNetworks -- Affected Products: RealNetworks RealPlayer -- TippingPointTM IPS Customer...

RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must open a malicious file or visit a malicious web site. The specific flaw exists during the parsing of SIPR codec fields. Specifying a...

QvodPlayer ColorFilter Codec ActiveX Remote Exec

QvodPlayer ColorFilter Codec ActiveX Remote Exec Download : http://www.qvod.com Vulnerability: object id=TestObj classid="CLSID:432F118C-DB79-4561-9799-CC95EA78208B" style="width:100;height:350"/object Tested on XpSP2 IE6/7 Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts:...

QvodPlayer ColorFilter Codec ActiveX Remote Exec 0day POC

No description provided by source. Exploit Title: QvodPlayer ColorFilter Codec ActiveX Remote Exec 0day POC Date: 2010.01.17 Author: superli Software Link: http://www.qvod.com/ Version: 3.5.0 Tested on: xpsp3 ie6 most of the video player contain the ColoeFilter codec which offered by...

Microsoft Windows Indeo Codec Multiple Vulnerabilities

Microsoft Windows Indeo codec is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Indeo Codec Multiple Vulnerabilities

This host is installed with Microsoft Windows Indeo codec and prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmsindeocodecmultvuln.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft Windows Indeo Codec Multiple Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009...

Design/Logic Flaw

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615...

Heap overflow

ir3232.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service heap corruption or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file...

Stack overflow

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations...

Memory corruption

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted media content...

CVE-2009-4313

ir3232.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service heap corruption or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file...

CVE-2009-4309

Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI...

CVE-2009-4310

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations...

CVE-2009-4210

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted media content...

CVE-2009-4312

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe...

CVE-2009-4311

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615...

CVE-2009-4311

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615...

CVE-2009-4210

The Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via crafted media content...

CVE-2009-4210

CVE-2009-4210 describes memory corruption in the Microsoft Windows Indeo codec exposed by crafted media content, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The OpenVAS entries corroborate multiple vulnerabilities in the Indeo codec and list CVE-2009-4210 among the affected vulne...

CVE-2009-4309

CVE-2009-4309 describes a heap-based buffer overflow in the Intel Indeo41 codec used by Windows Media Player, affecting Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The flaw arises from missing bounds checking on a size field in the IV41/movi record of an IV41 stream, permitting remote atta...