Oval Definition:oval:org.mitre.oval:def:6257
Revision Date:2015-08-10Version:52
Title:Windows Media Header Parsing Invalid Free Vulnerability
Description:Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-2498
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Microsoft Media Services 9
Microsoft Media Services 9.1
Windows Media Format Runtime 11
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Definition Synopsis
  • Windows Media Format Runtime 9.0 on Windows 2000 and Windows XP
  • OS Check
  • Microsoft Windows 2000 is installed
  • OR Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Format Runtime 9.0 is installed
  • AND Wmvcore.dll for Windows Media Format 9.0 is installed.
  • AND the version of Wmvcore.dll is less than 9.0.0.3270
  • OR Windows Media Format Runtime 9.0 on Windows XP (x86)
  • Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Format Runtime 9.0 is installed
  • AND Wmvcore.dll for Windows Media Format 9.0 is installed.
  • AND the version of Wmvcore.dll is less than 9.0.0.4506
  • OR Windows Media Format Runtime 9.5 on Windows XP (x86)
  • Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Format Runtime 9.5 is installed
  • AND Wmvcore.dll for Windows Media Format 9.5 is installed.
  • AND the version of Wmvcore.dll is less than 10.0.0.3705
  • OR Windows Media Format Runtime 11 on Windows XP (x86)
  • Microsoft Windows XP (32-bit) is installed
  • AND Windows Media Format Runtime 11 is installed
  • AND Wmvcore.dll for Windows Media Format 11.0 is installed.
  • AND the version of Wmvcore.dll is less than 11.0.5721.5265
  • OR Windows Media Format Runtime 9.5 on Windows XP x64 ans Windows 2003 x64
  • OS Check
  • Microsoft Windows XP x64 is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • AND Windows Media Format Runtime 9.5 is installed
  • AND Wmvcore.dll for Windows Media Format 9.5 on x64-bit platform is installed.
  • AND the version of %SystemRoot%\SysWOW64\Wmvcore.dll is less than 10.0.0.4005
  • OR Windows Media Format Runtime 11 on Windows XP x64
  • Microsoft Windows XP x64 is installed
  • AND Windows Media Format Runtime 11 is installed
  • AND Wmvcore.dll for Windows Media Format 11.0 on x64-bit platform is installed.
  • AND the version of %SystemRoot%\SysWOW64\Wmvcore.dll is less than 11.0.5721.5265
  • OR Windows Media Format Runtime 9.5 on Windows Server 2003 x86
  • Microsoft Windows Server 2003 (32-bit) is installed
  • AND Windows Media Format Runtime 9.5 is installed
  • AND Wmvcore.dll for Windows Media Format 9.5 is installed.
  • AND the version of Wmvcore.dll is less than 10.0.0.4005
  • OR Windows Media Format Runtime 11 on Windows Vista x86/x64
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • AND Windows Media Format Runtime 11 is installed
  • AND Wmvcore.dll for Windows Media Format 11.0 is installed.
  • AND the version of Wmvcore.dll is less than 11.0.5721.5265
  • OR Windows Media Format Runtime 11 on Windows Vista x86/x64, Windows Server 2008 x86/x64
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Windows Media Format Runtime 11 is installed
  • AND Wmvcore.dll for Windows Media Format 11.0 is installed.
  • AND the version of Wmvcore.dll is less than 11.0.6001.7006
  • OR Windows Media Format Runtime 11 on Windows Vista x86/x64, Windows Server 2008 x86/x64
  • OS Check
  • Microsoft Windows Vista (32-bit) is installed
  • OR Microsoft Windows Vista x64 Edition is installed
  • OR Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Windows Media Format Runtime 11 is installed
  • AND Wmvcore.dll for Windows Media Format 11.0 is installed.
  • AND GDR or LDR Service branch
  • the version of Wmvcore.dll is less than 11.0.6002.18049
  • OR LDR
  • the version of Wmvcore.dll is greater than or equal 11.0.6002.22000
  • AND the version of Wmvcore.dll is less than 11.0.6002.22150
  • OR Windows Media Services 9.1 on Windows Server 2003 x86/x64
  • OS Check
  • Microsoft Windows Server 2003 (32-bit) is installed
  • OR Microsoft Windows Server 2003 (x64) is installed
  • AND Microsoft Media Services 9.1 is installed
  • AND wmsserver.dll for Windows Media Services 9.1 is installed.
  • AND the version of wmsserver.dll is less than 9.1.1.5001
  • OR Windows Media Services 9
  • OS Check
  • Microsoft Windows Server 2008 (32-bit) is installed
  • OR Microsoft Windows Server 2008 (64-bit) is installed
  • AND Microsoft Media Services 9 is installed
  • AND Wmsserver.dll version is less than 9.5.6001.18281
    • BACK