Vulnerability CVE-2009-4311 - CERT Civis.Net

Vulnerability Name:

CVE-2009-4311 (CCN-54645)

Assigned:

2009-12-08

Published:

2009-12-08

Updated:

2017-09-19

Summary:

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software.
Note: this might overlap CVE-2008-3615.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-4311

Source: MITRE
Type: CNA
CVE-2009-4312

Source: CCN
Type: SA37592
Microsoft Windows Indeo Codec Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
37592

Source: CCN
Type: SECTRACK ID: 1023302
Windows Media Player Indeo Codec Bugs Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1023302

Source: MSKB
Type: Patch, Vendor Advisory
954157

Source: MSKB
Type: Patch, Vendor Advisory
955759

Source: MSKB
Type: Patch, Vendor Advisory
976138

Source: CCN
Type: Microsoft Security Advisory (954157)
Security Enhancements for the Indeo Codec

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.microsoft.com/technet/security/advisory/954157.mspx

Source: CCN
Type: OSVDB ID: 61037
Microsoft Windows Indeo Codec Crafted Media Content Arbitrary Code Execution (2009-4312)

Source: BID
Type: UNKNOWN
37251

Source: CCN
Type: BID-37251
Intel Indeo Codec Media Content Multiple Buffer Overflow Vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2009-3440

Source: XF
Type: UNKNOWN
ms-ie-content-code-execution(54645)

Source: XF
Type: UNKNOWN
ms-ie-content-code-execution(54645)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11975

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:11975	V	Unspecified vulnerability in the Indeo (CVE-2009-4311)	2010-12-20