CVE-2009-1546
Published Aug 12, 2009
Last updated a year ago
Overview
- Description
- Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 8.5
- Impact score
- 10
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "377F7D0C-6B44-4B90-BF90-DAF959880C6D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D21D1DFE-F61B-407E-A945-4F42F86947B0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:sp2:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3461CEA0-6CCF-4AA9-B83A-420E1310C83C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F6EA111-A4E6-4963-A0C8-F9336C605B6E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFF81F4B-7D92-4398-8658-84530FB8F518"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x32:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26A548AB-7C40-4CB7-B024-8A2DA947F245"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:-:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BE99796-BADE-40D1-AD85-03D28A466E5F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7AE15F6C-80F6-43A6-86DA-B92116A697A0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x86:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA99C751-91CB-43D4-93FF-1C12342CAF1E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:-:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD560746-0AED-4646-934E-6742888FB6F2"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57ECAAA8-8709-4AC7-9CE7-49A8040C04D3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9"
}
],
"operator": "OR"
}
]
}
]