SecurityTracker.com
Category:   Application (Multimedia)  >   Windows DLL (Any)
Vendors:   Microsoft
Windows Media File Processing Flaw in Handling AVI Files Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1022711
SecurityTracker URL:  http://securitytracker.com/id/1022711
CVE Reference:   CVE-2009-1545, CVE-2009-1546
Date:  Aug 11 2009
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   Two vulnerabilities were reported in Windows Media file processing. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted AVI file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

Specially crafted headers can trigger code execution [CVE-2009-1545].

A specially crafted file can trigger an integer overflow [CVE-2009-1546].

Windows Media Player is not affected.

Vinay Anantharaman of Adobe Systems, Inc. reported these vulnerabilities.

Impact:   A remote user can create an AVI file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Microsoft Windows 2000 Service Pack 4:

http://www.microsoft.com/downloads/details.aspx?familyid=5f80bf0b-898c-46ca-b20c-21e0e729c332

Windows XP Service Pack 2 and Windows XP Service Pack 3:

http://www.microsoft.com/downloads/details.aspx?familyid=2e8a68ee-eb24-424c-b084-450636ccaeec

Windows XP Professional x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=a1ff2ace-b9dc-4cf3-a151-ac6959bcb3a6

Windows Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=cba78658-899c-428f-8b04-cfe14ce3c255

Windows Server 2003 x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=58a7c8d9-ec36-46a6-a89b-d8dfd989fda4

Windows Server 2003 with SP2 for Itanium-based Systems:

http://www.microsoft.com/downloads/details.aspx?familyid=187b02bd-73d6-4f72-81d1-d9477d495499

Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=81fce7bd-f33c-4586-949d-ac40d415f755

Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=a6cea61a-4ad9-4e18-bf18-348ae4ae51c4

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=fdc96a07-ed79-4798-8077-b2e9ca64cd0f

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=8e3afba4-6761-4b3d-98bb-4b4145e27b7f

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=aa1bb13a-5905-48c4-8e74-a41104593046

A restart is required.

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-038.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms09-038.mspx
Cause:   Boundary error
Underlying OS:  Windows (2000), Windows (2003), Windows (2008), Windows (Vista), Windows (XP)
Underlying OS Comments:  2000 SP4, 2003 SP2, XP SP3, Vista SP2, 2008 SP2; and prior service packs

Message History:   None.

