(MS09-051) Windows Media Runtime Voice Sample Rate Vulnerability (975682)

Type
Logic error
Impact of exploitation
Remote Code Execution
User Interaction
User interaction is needed
Attack Vector
Maliciously Crafted File
Rating
Medium
CVE reference
CVE-2009-0555
Vendor Status
Responded and patched
Vulnerable systems
DirectShow WMA Voice Codec
Windows Media Audio Voice Decoder
Summary
A vulnerability in Microsoft Windows (Windows Media Runtime) may allow remote code execution.

Description

A vulnerability in Microsoft Windows (Windows Media Runtime) may allow remote code execution. The vulnerability exists due to the improper processing of specially crafted Advanced Systems Format (ASF) files. The vulnerability could be exploited by constructing a specially crafted audio file that could allow remote code execution when played using an affected version of Windows Media Player. Successful exploitation of this vulnerability could allow an attacker to take complete control of an affected system.

McAfee Product Mitigation & Recommendations

Recommendations

The vendor has released a patch to address this issue: http://www.microsoft.com/technet/security/bulletin/ms09-051.mspx

McAfee Product Mitigation

McAfee Foundstone
Signature:
(MS09-051) Windows Media Runtime Voice Sample Rate Vulnerability (975682)
Signature identifier:
7191
Release date:
10/13/2009
McAfee Intrushield
Signature:
HTTP: Microsoft Windows Media Runtime Voice Sample Rate Vulnerability
Signature identifier:
0x40269C00
Release date:
10/13/2009
First released in:
4.1.59, 5.1.29
McAfee Host IPS
Signature:
Generic Buffer Overflow Protection
Signature identifier:
428
Release date:
8/24/2000
First released in:
2.0
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
Signature:
Generic Buffer Overflow Protection
McAfee VirusScan Enterprise 8.5i (VSE8.5i) / Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
Signature:
Generic Buffer Overflow Protection
Signature:
Generic Buffer Overflow Protection

Additional Resources

(MS09-051) Windows Media Runtime Voice Sample Rate Vulnerability (975682)

http://www.microsoft.com/technet/security/bulletin/ms09-051.mspx

Timeline

10/13/2009

Vendor has provided a patch.
