Oval Definition:oval:org.mitre.oval:def:12188
Revision Date:2010-12-20Version:19
Title:Heap-based buffer overflow in the Intel Indeo41 codec
Description:Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-4309
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):
Definition Synopsis
  • Vulnerable Microsoft Windows 2000 SP4 or later
  • Microsoft Windows 2000 SP4 or later is installed
  • AND the version of Aclayers.dll is less than 5.0.2195.7358
  • OR Vulnerable Microsoft Windows XP (x86) SP2
  • Microsoft Windows XP (x86) SP2 is installed
  • AND the version of Aclayers.dll is less than 5.1.2600.3647
  • OR Vulnerable Microsoft Windows XP (x86) SP3
  • Microsoft Windows XP (x86) SP3 is installed
  • AND the version of Aclayers.dll is less than 5.1.2600.5906
  • OR Vulnerable Microsoft Windows XP x64 SP2, Server 2003 x86/x64/ia64 SP2
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • the version of Aclayers.dll is less than 5.2.3790.4624
  • OR the version of Waclayers.dll is less than 5.2.3790.4624
    • BACK