Executive Summary
| Summary | |
|---|---|
| Title | Vulnerability in Microsoft MPEG Layer |
| Informations | |||
|---|---|---|---|
| Name | MS10-052 | First vendor Publication | 2010-08-10 |
| Vendor | Microsoft | Last vendor Modification | 2010-08-10 |
| Severity (Vendor) | Critical | Revision | 1.0 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Revision Note: V1.0 (August 10, 2010): Bulletin published.Summary: This security update resolves a privately reported vulnerability in Microsoft MPEG Layer-3 audio codecs. The vulnerability could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/MS10-052.mspx |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11585 | |||
| Oval ID: | oval:org.mitre.oval:def:11585 | ||
| Title: | MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability | ||
| Description: | Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in (1) a crafted media file or (2) crafted streaming content, aka "MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2010-1882 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Os | 1 | |
| Os | 1 | |
| Os | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2010-08-11 | Name : Microsoft Window MPEG Layer-3 Remote Code Execution Vulnerability (2115168) File : nvt/secpod_ms10-052.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 66985 | Microsoft Windows MPEG Layer-3 Audio Stream Decoding Overflow Microsoft Windows contains a flaw that may exists in the way that Microsoft DirectShow MP3 filter handles supported format files.. This could allow code execution if a user opened a specially crafted audio file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2010-08-12 | IAVM : 2010-A-0107 - Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0025061 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-02-03 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 45316 - Revision : 1 - Type : FILE-OTHER |
| 2018-02-03 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 45315 - Revision : 1 - Type : FILE-OTHER |
| 2014-01-10 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 19144 - Revision : 14 - Type : FILE-OTHER |
| 2014-01-10 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 18463 - Revision : 16 - Type : FILE-OTHER |
| 2014-01-10 | Microsoft Windows MPEG Layer-3 audio heap corruption attempt RuleID : 17117 - Revision : 17 - Type : FILE-MULTIMEDIA |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-08-11 | Name : An audio codec on the remote Windows host has a buffer overflow vulnerability. File : smb_nt_ms10-052.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:46:38 |
|
| 2014-01-19 21:30:30 |
|
| 2013-11-11 12:41:18 |
|
