Windows Media Format Runtime Security Vulnerabilities and Issues — Windows Media Format Runtime CVE List

MicrosoftWindows Media Format Runtime

8 matches found

CVE•added 2009/09/08 10:0 p.m.•91 views

CVE-2009-2498

The CVE-2009-2498 entry corresponds to a code-execution vulnerability in Microsoft Windows Media Format Runtime (versions 9.0, 9.5, 11) and Windows Media Services 9.1/2008, triggered by parsing malformed ASF/WMV/WMA headers. Connected advisories (e.g., CPAI-2014-1114; OpenVAS 901012) corroborate ...

9.3CVSS7.4AI score0.2121EPSS

CVE•added 2009/09/08 10:0 p.m.•89 views

CVE-2009-2499

The CVE-2009-2499 issue affects Microsoft Windows components: Windows Media Format Runtime versions 9.0, 9.5, and 11, and Windows Media Foundation on Windows Vista (Gold, SP1, SP2) and Server 2008. The vulnerability arises when processing MP3 files with crafted metadata, triggering memory corrupt...

8.5CVSS7.5AI score0.15546EPSS

CVE•added 2009/10/14 10:0 a.m.•79 views

CVE-2009-0555

CVE-2009-0555 is a Windows Media Runtime issue affecting the ASF handling in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and ACM. The flaw allows remote code execution via a crafted ASF audio file that uses the Windows Media Speech codec, as described in multiple sources (MS09-...

9.3CVSS7.2AI score0.27086EPSS

CVE•added 2010/06/08 10:0 p.m.•76 views

CVE-2010-1879

CVE-2010-1879 corresponds to a remote code execution vulnerability in Microsoft DirectShow/Media Decompression. The issue affects Quartz.dll (DirectShow), Windows Media Format Runtime versions 9, 9.5, 11, Media Encoder 9, and Asycfilt.dll, where specially crafted media data (notably MJPEG in AVI ...

9.3CVSS7.5AI score0.20284EPSS

CVE•added 2009/10/14 10:0 a.m.•75 views

CVE-2009-2525

CVE-2009-2525 is the Windows History: The Windows Media Runtime Heap Corruption Vulnerability. A remote code execution flaw exists in Windows Media Runtime (DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager) caused by improper initialization of unspecifi...

9.3CVSS7.4AI score0.23318EPSS

CVE•added 2008/12/10 1:33 p.m.•59 views

CVE-2008-3009

The CVE-2008-3009 issue affects Windows Media components: Windows Media Player 6.4, Windows Media Format Runtime (7.1–11), and Windows Media Services (4.1, 9, 2008). It stems from improper handling of SPNs during NTLM authentication, enabling a remote attacker to perform credential reflection and...

10CVSS7.6AI score0.1583EPSS

CVE•added 2013/07/10 1:0 a.m.•55 views

CVE-2013-3127

The CVE-2013-3127 issue affects the Windows Media Format Runtime components: wmv9vcm.dll, wmvdmod.dll (WMV9/9.5) and wmvdecod.dll (WMV11/WM Player 11/12). The underlying problem is a remote code execution vulnerability triggered by parsing crafted media files, enabling an attacker to run arbitrar...

9.3CVSS8AI score0.2191EPSS

CVE•added 2007/12/12 12:0 a.m.•48 views

CVE-2007-0064

The CVE-2007-0064 entry concerns a heap-based buffer overflow in the Windows Media Format Runtime (and Windows Media Services) ASF parsing code. A remote attacker could exploit this by delivering a specially crafted ASF file, potentially allowing arbitrary code execution on affected systems. Affe...

9.3CVSS7.7AI score0.35976EPSS