102 matches found
Microsoft MPEG Layer-3 Remote Command Execution Exploit
Exploit for windows platform in category remote exploits ======================================================= Microsoft MPEG Layer-3 Remote Command Execution Exploit ======================================================= Title : Microsoft MPEG Layer-3 Audio Decoder Division By Zero Version :...
Microsoft MPEG Layer-3 - Remote Command Execution
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | param name="tran...
Microsoft MPEG Layer-3 - Remote Command Execution
Microsoft MPEG Layer-3 - Remote Command Execution ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | par...
CVE-2010-1882
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...
Buffer overflow
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...
CVE-2010-1882
Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...
CVE-2010-1882
CVE-2010-1882 corresponds to a memory corruption/buffer overflow in the Microsoft DirectShow MPEG Layer-3 Audio Codec (l3codecx.ax). The vulnerability exists in the MPEG Layer-3 codec used by Windows Media/DirectShow and can be triggered by a specially crafted MPEG‑L3 audio stream in a media file...
Microsoft Security Bulletin MS10-052 - Critical Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
Microsoft Security Bulletin MS10-052 - Critical Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution 2115168 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft MPEG...
MS10-052: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
The MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax, which is distributed as part of Windows Media as well as the Windows operating system, contains a buffer overflow vulnerability that can be triggered by a specially crafted MPEG Layer-3 audio stream. If an attacker can trick a use...
Microsoft MPEG Layer-3 Codecs Memory Corruption (MS10-052; CVE-2010-1882)
Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. A remote code execution vulnerability has been reported in the Microsoft DirectShow MP3 filter. The vulnerability is within the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax. The Microsoft MPE...
Immunity Canvas: MS10_026
Name| ms10026 ---|--- CVE| CVE-2010-0480 Exploit Pack| CANVAS Description| MPEG Layer-3 codecs stack overflow Notes| CVE Name: CVE-2010-0480 VENDOR: Microsoft MSADV: MS10-026 Repeatability: One Shot MSRC: http://www.microsoft.com/technet/security/Bulletin/MS10-026.mspx Note: This is a client-side...
Stack overflow
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder...
CVE-2010-0480
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder...
Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
This host is missing a critical security update according to Microsoft Bulletin MS10-026. OpenVAS Vulnerability Test $Id: secpodms10-026.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability 977816 Authors: Madhuri D Updated By: Madhuri D on...
Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
This host is missing a critical security update according to Microsoft Bulletin MS10-026. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS10-026: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (977816)
The Microsoft MPEG Layer-3 MP3 codecs have a buffer overflow vulnerability that is triggered by opening a specially crafted AVI file with an MP3 audio stream. A remote attacker could exploit this by tricking a user into opening a malicious AVI file, which would lead to arbitrary code execution. C...
Microsoft MPEG Layer-3 Audio Decoder Stack Overflow (MS10-026; CVE-2010-0480)
MPEG Layer-3 audio codecs are the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax and the Fraunhofer IIS MPEG Layer-3 ACM codecs L3codeca.acm and L3codecp.acm. These MPEG Layer-3 audio codecs are provided along with Windows Media files on affected versions of Microsoft Windows. A...
Microsoft Windows MP3 File Media Playback Memory Corruption (MS09-047; CVE-2009-2499)
MPEG-1 Audio Layer 3 MP3 is a file format which uses lossy compression to compress audio information. A remote code execution vulnerability has been reported in the way Microsoft Windows handles specially crafted MP3 media files. The vulnerability is due the Windows component responsible for...
GLSA-200904-15 : mpg123: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200904-15 mpg123: User-assisted execution of arbitrary code The vendor reported a signedness error in the storeid3text function in id3.c, allowing for out-of-bounds memory access. Impact : A remote attacker could entice a user to...
Security Best Practice: Familiarize Yourself with the Packet Sanity Protection
The Packet Sanity protection performs several Layer 3 and Layer 4 sanity checks. These include verifying packet size, UDP and TCP header lengths, dropping IP options and verifying the TCP flags.Numerous types of attacks may be hidden in fragmented packets...