Microsoft » Windows 2003 Server : Security Vulnerabilities, CVEs, Published In December 2009 (Code Execution)
ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, as demonstrated by an AVI file.
Max CVSS
9.3
EPSS Score
10.41%
Published
2009-12-13
Updated
2017-09-19
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Dave Lenoe of Adobe.
Max CVSS
9.3
EPSS Score
6.73%
Published
2009-12-13
Updated
2017-09-19
Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.
Max CVSS
9.3
EPSS Score
6.73%
Published
2009-12-13
Updated
2017-09-19
Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file.
Max CVSS
9.3
EPSS Score
9.56%
Published
2009-12-13
Updated
2018-10-10
Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
Max CVSS
9.3
EPSS Score
9.56%
Published
2009-12-13
Updated
2018-10-10
5 vulnerabilities found