9 matches found
CVE-2009-2498
The CVE-2009-2498 entry corresponds to a code-execution vulnerability in Microsoft Windows Media Format Runtime (versions 9.0, 9.5, 11) and Windows Media Services 9.1/2008, triggered by parsing malformed ASF/WMV/WMA headers. Connected advisories (e.g., CPAI-2014-1114; OpenVAS 901012) corroborate ...
CVE-2009-2499
The CVE-2009-2499 issue affects Microsoft Windows components: Windows Media Format Runtime versions 9.0, 9.5, and 11, and Windows Media Foundation on Windows Vista (Gold, SP1, SP2) and Server 2008. The vulnerability arises when processing MP3 files with crafted metadata, triggering memory corrupt...
CVE-2008-3009
The CVE-2008-3009 issue affects Windows Media components: Windows Media Player 6.4, Windows Media Format Runtime (7.1–11), and Windows Media Services (4.1, 9, 2008). It stems from improper handling of SPNs during NTLM authentication, enabling a remote attacker to perform credential reflection and...
CVE-2000-0495
Microsoft Windows Media Encoder is affected by CVE-2000-0495, which allows remote attackers to cause a denial of service via a malformed request. The vulnerability is network-exploitable with no authentication and has an impact on availability (base score 5.0, CVSS2: AV:N/AC:L/Au:N/C:N/I:N/A:P). ...
CVE-2007-0064
The CVE-2007-0064 entry concerns a heap-based buffer overflow in the Windows Media Format Runtime (and Windows Media Services) ASF parsing code. A remote attacker could exploit this by delivering a specially crafted ASF file, potentially allowing arbitrary code execution on affected systems. Affe...
CVE-2003-0905
CVE-2003-0905 describes a remote denial-of-service vulnerability in Windows Media Services 4.1 on Windows 2000 Server, affecting the Windows Media Station Service and Windows Media Monitor Service. A remote, unauthenticated attacker can send a specially crafted sequence of TCP/IP packets to the s...
CVE-2000-0849
The CVE-2000-0849 entry describes a race condition in Microsoft Windows Media server that allows remote attackers to cause a denial of service in the Windows Media Unicast Service through a malformed request, aka the Unicast Service Race Condition vulnerability. Affected component is the Windows ...
CVE-2001-0083
Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 is affected. The issue is a memory leak caused by improper shutdown of certain connections, which can allow a remote attacker to cause a denial of service via a sequence of severed connections. The available documents describe th...
CVE-2000-0211
CVE-2000-0211 affects Microsoft Windows Media Server; a DoS can be triggered by a sequence of misordered handshake packets to the Windows Media Service (the OpenVAS/NASL entry notes port 1755). The underlying issue is a malformed/incorrect handshake sequence that can crash the server. Description...