Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682) |
Informations | |||
---|---|---|---|
Name | MS09-051 | First vendor Publication | 2009-10-13 |
Vendor | Microsoft | Last vendor Modification | 2009-11-10 |
Severity (Vendor) | Critical | Revision | 2.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.0 (November 10, 2009): Bulletin revised to communicate the rerelease of the update for Audio Compression Manager on Microsoft Windows 2000 Service Pack 4 to fix a detection issue. This is a detection change only; there were no changes to the binaries. Customers who have successfully updated their systems do not need to reinstall this update. Also corrected the registry key verification for DirectShow WMA Voice Codec on Windows Server 2003.Summary: This security update resolves two privately reported vulnerabilities in Windows Media Runtime. The vulnerabilities could allow remote code execution if a user opened a specially crafted media file or received specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS09-051.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6407 | |||
Oval ID: | oval:org.mitre.oval:def:6407 | ||
Title: | Windows Media Runtime Voice Sample Rate Vulnerability | ||
Description: | Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0555 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:6484 | |||
Oval ID: | oval:org.mitre.oval:def:6484 | ||
Title: | Windows Media Runtime Heap Corruption Vulnerability | ||
Description: | Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-2525 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-14 | Name : Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (9... File : nvt/secpod_ms09-051.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
58845 | Microsoft Windows Media Runtime Compressed Audio File Handling Heap Corruptio... |
58844 | Microsoft Windows Media Player ASF Runtime Voice Sample Rate Handling Arbitra... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-10-15 | IAVM : 2009-A-0091 - Multiple Vulnerabilities in Microsoft Windows Media Runtime Severity : Category II - VMSKEY : V0021744 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-11-08 | Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt RuleID : 40354 - Revision : 2 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows malformed ASF voice codec memory corruption attempt RuleID : 23578 - Revision : 4 - Type : FILE-OTHER |
2014-01-10 | Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt RuleID : 16158 - Revision : 9 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows malformed ASF voice codec memory corruption attempt RuleID : 16157 - Revision : 10 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-10-13 | Name : Arbitrary code can be executed on the remote host through opening a Windows M... File : smb_nt_ms09-051.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:20 |
|
2014-01-19 21:30:22 |
|
2013-11-11 12:41:13 |
|