CVE-2009-4310

Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations...

CVE-2009-4313

The CVE-2009-4313 issue affects the Microsoft Windows Indeo32 codec (ir32_32.dll 3.24.15.3) in Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The underlying flaw is malformed data in a stream within media files (e.g., AVI), which can lead to heap corruption and allow remote code execution or ...

CVE-2009-4311

CVE-2009-4311 describes an unspecified vulnerability in Microsoft's Indeo codec used by Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2, enabling remote code execution via crafted media content. Connected documents reference multiple SoCs (OpenVAS/NVD) and Microsoft security advisories (KB95575...

CVE-2009-4313

ir3232.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service heap corruption or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file...

CVE-2009-4312

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe...

CVE-2009-4312

CVE-2009-4312 concerns the Microsoft Windows Indeo codec and, per the provided documents, describes an unspecified vulnerability in the Indeo codec on Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2 that could allow remote code execution via crafted media content. The OpenVAS entries also refer...

In Rare Move, MS Disables Old Code

Microsoft has decided to disable a 17-year-old video codec in older versions of Windows rather than patch multiple vulnerabilities, according to the company’s security team. Read the full article. Computerworld...

iDefense Security Advisory 12.08.09: Microsoft Windows Indeo32 Codec Parsing Heap Corruption Vulnerability

iDefense Security Advisory 12.08.09 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 08, 2009 I. BACKGROUND Indeo Video is a video codec developed by Intel and included in Microsoft Windows. For more information about Indeo codec, please the visit following website:...

ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability

ZDI-09-090: Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-090 December 8, 2009 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 SP4 Microsoft Windows XP SP3 Microsoft Windows 2003 SP2 --...

Microsoft Security Advisory (954157) Security Enhancements for the Indeo Codec

Microsoft Security Advisory 954157 Security Enhancements for the Indeo Codec Published: December 08, 2009 Version: 1.0 General Information Executive Summary Microsoft is announcing the availability of an update that provides security mitigations to the Indeo codec on supported editions of Microso...

Fortinet Advisory: Fortinet Discovers Vulnerability in Indeo Codec

Fortinet Discovers Vulnerability in Indeo Codec 2009.December.08 Summary: Fortinet's FortiGuard Labs Discovers Memory Corruption Vulnerability in Indeo Codec. Impact: Remote Code Execution. Risk: Critical. Affected Software: For a list of operating system and product versions affected, please see...

ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability

ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-089 December 8, 2009 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 SP4 Microsoft Windows XP SP3 Microsoft Windows 2003 SP2 --...

MS KB955759: Security Enhancements for the Indeo Codec

The remote host is missing KB955759. This KB mitigates multiple vulnerabilities in the Indeo video codec by preventing it from being used by Internet Explorer or Windows Media Player. A remote attacker can exploit these issues by tricking a user into viewing a maliciously crafted video file,...

Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Inte...

Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Inte...

Debian Security Advisory DSA 1939-1 (libvorbis)

The remote host is missing an update to libvorbis announced via advisory DSA 1939-1. OpenVAS Vulnerability Test $Id: deb19391.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1939-1 libvorbis Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

DSA-1939-1 libvorbis - several vulnerabilities

Bulletin has no description...

VulnCheck KEV: CVE-2009-0555

Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager ACM, does not properly process Advanced Systems Format ASF files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses...

Heap overflow

Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager ACM, does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via 1 a crafted...

CVE-2009-0555

CVE-2009-0555 is a Windows Media Runtime issue affecting the ASF handling in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and ACM. The flaw allows remote code execution via a crafted ASF audio file that uses the Windows Media Speech codec, as described in multiple sources (MS09-...