CVE-2009-2498
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."
Affected (24)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.0 | |
| All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.5 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.5 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 11 | |
| All versions | |
| All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 9.1 | |
| All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2008 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| All versions |
References (6)
Source: secure@microsoft.com
US Government Resource
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.