CVE-2009-0555

Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager ACM, does not properly process Advanced Systems Format ASF files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the...

3ivx MPEG-4 MP4 File Handling Stack Overflow (CVE-2007-6401)

MPEG-4 Part 14, formally ISO/IEC 14496-14:2003, is a multimedia container format standard specified as a part of MPEG-4. It is most commonly used to store digital audio and digital video streams, especially those defined by MPEG, but can also be used to store other data such as subtitles and stil...

VMnc Media Codec Multiple Heap Overflows (VMSA-2009-0012)

VMnc media codec is installed on the remote host. The codec is typically installed along with VMware Workstation, VMware Player, VMware ACE or in its standalone configuration by installing VMware Workstation Movie Decoder and is required to play movies recorded with VMware applications. The...

Heap overflow

Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attacke...

Memory corruption

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video...

CVE-2009-0199

Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attacke...

CVE-2009-2628

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video...

CVE-2009-2628

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video...

CVE-2009-2628

The CVE-2009-2628 issue affects VMware VMnc codec (vmnc.dll) used by VMware Movie Decoder and related products. The root cause is heap memory corruption triggered by AVI files with certain small heights, enabling remote code execution on Windows when processed by vulnerable VMnc-based components ...

CVE-2009-0199

CVE-2009-0199 refers to a heap-based buffer overflow in the VMnc media codec (vmnc.dll) used by VMware Movie Decoder and related VMware products on Windows. The vulnerability can be triggered by a video file with crafted framebuffer dimensions, allowing remote code execution. Affected components ...

Secunia Research: VMWare VMnc Codec Mismatched Dimensions Buffer Overflow

====================================================================== Secunia Research 07/09/2009 - VMWare VMnc Codec Mismatched Dimensions Buffer Overflow - ====================================================================== Table of Contents Affected...

VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2009-0012 Synopsis: VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues. Issue date:...

VMware VMnc AVI video codec image height heap overflow

Overview The VMware VMnc video codec fails to properly handle the image height value in AVI files, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Several VMware products include the ability to create and play movies of running...

VMSA-2009-0012:VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.

VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0012 VMware Security Advisory Synopsis: VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE...

libvorbis: Improper codec headers processing (DoS, ACE)

libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted .ogg file...

CVE-2009-0959

The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service device reset via a crafted MPEG-4 video file that triggers an "input validation issue."...

CVE-2009-0959

CVE-2009-0959 affects Apple iPhone OS 1.0–2.2.1 and iPhone OS for iPod touch 1.1–2.2.1. The vulnerability is in the MPEG-4 video codec and is caused by an input validation issue in a crafted MPEG-4 video file, leading to a denial of service (device reset). Exploitation details are not provided in...

CVE-2009-0959

The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service device reset via a crafted MPEG-4 video file that triggers an "input validation issue."...

Mac OS X malware posing as fake video codec

From ZDNet Dancho Danchev Researchers from ParetoLogic are reporting on a newly discovered Mac OS X malware variant posing as fake video ActiveX object paretologic.com found at a bogus Macintosh PortTube site. The use of fake video codecs is a social engineering tactic exclusively used by malware...

Apple Quicktime FIRE Codec Heap Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application...