|
|
|
|
|
|
| Search | ||||||||||||
| Security News | ||||||||||||
|
||||||||||||
| IT Directory | ||||||||||||
|
||||||||||||
 | |
|
2009-12-09 09:53:38 | |
|
Description:
Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. 1) An error in the Indeo41 codec when processing a specific size within the "movi" record of a IV41 stream can be exploited to cause a heap-based buffer overflow. 2) An error in the Indeo41 codec when decompressing a video stream can be exploited to cause a stack-based buffer overflow. 3) An unspecified error in the Indeo codec can be exploited to corrupt memory. 4) Other vulnerabilities also exist and are caused due to unspecified errors in the Indeo codec and can be exploited to corrupt memory by tricking a user into viewing specially crafted media content. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Solution: Microsoft has issued an update that reduces the attack surface by preventing loading of Indeo content from the Internet zone in general and via Internet Explorer and Windows Media Player. However, other third-party applications may still use it to render media content and thus present attack vectors. Provided and/or discovered by: 1) Reported by an anonymous person via ZDI. 2) Reported by an anonymous person via ZDI. 3) Bing Liu, Fortinet's FortiGuard Labs. 4) The vendor credits Paul Byrne of NGS Software, VeriSign iDefense Labs, and Dave Lenoe of Adobe. Changelog: 2009-12-09: Added additional information provided by ZDI. Original Advisory: Microsoft: http://www.microsoft.com/technet/security/advisory/954157.mspx ZDI: http://www.zerodayinitiative.com/advisories/ZDI-09-089/ http://www.zerodayinitiative.com/advisories/ZDI-09-090/ No CVE references. | |
Reference 1: http://secunia.com/advisories/37592/
|
© 2006-2010 Heptacube Inc. |