Vulnerability CVE-2009-0199 - CERT Civis.Net

Vulnerability Name:

CVE-2009-0199 (CCN-53095)

Assigned:

2009-09-05

Published:

2009-09-05

Updated:

2018-10-11

Summary:

Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters).

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-0199

Source: CCN
Type: VMSA-2009-0012
VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues

Source: MLIST
Type: Patch
[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.

Source: CCN
Type: SA34938
VMware Workstation Movie Decoder VMnc Codec Two Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
34938

Source: MISC
Type: Vendor Advisory
http://secunia.com/secunia_research/2009-25/

Source: CCN
Type: OSVDB ID: 57835
VMware Workstation Movie Decoder VMnc Codec (vmnc.dll) Crafted Video File Handling Overflow

Source: BUGTRAQ
Type: UNKNOWN
20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.

Source: BID
Type: UNKNOWN
36290

Source: CCN
Type: BID-36290
VMware Movie Decoder VMnc Codec Multiple Heap Overflow Vulnerabilities

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2009-0012.html

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-2553

Source: XF
Type: UNKNOWN
workstation-decoder-vmnc-codec-bo(53095)

Vulnerable Configuration:

Configuration 1:

cpe:/a:vmware:ace:2.5.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:ace:2.5.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:2.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:2.5.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:2.5.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:player:2.5.2_build_156735:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5.0:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5.2:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:vmware:workstation:6.5.1:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5.2:*:*:*:*:*:*:*

OR cpe:/a:vmware:workstation:6.5.3:*:*:*:*:*:*:*

OR cpe:/a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*

Denotes that component is vulnerable