CVE-2009-1546
기본정보
  • 공개일 : 2009-08-12
  • 변경일 : 2009-09-04
  • 위험도 : 낮음
  • 공격 범위 : 인터넷, 사용자가 공격자에게 접근해야 공격 가능
  • 피해 유형 : 가용성 침해, 기밀 유출, 무결성 훼손, 계정 탈취 (관리자 계정)
CVSS 평가 위험도: 8.5 (영향도: 10.0 익스플로잇: 6.8 )
설명

Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."
참조
취약 소프트웨어
  • Microsoft windows_2003_server sp2
  • Microsoft windows_2003_server sp2 :x64
  • Microsoft windows_2003_server sp2 :itanium
  • Microsoft windows_server_2008 :itanium
  • Microsoft windows_server_2008 sp2
  • Microsoft windows_server_2008 sp2:x64
  • Microsoft windows_server_2008 - -
  • Microsoft windows_server_2008 - -:x64
  • Microsoft windows_server_2008 - -:x32
  • Microsoft windows_server_2008 - sp2
  • Microsoft windows_server_2008 - sp2:itanium
  • Microsoft windows_server_2008 - sp2:x32
  • Microsoft windows_vista sp1
  • Microsoft windows_vista sp1:x64
  • Microsoft windows_vista sp2
  • Microsoft windows_vista sp2:x64
  • Microsoft windows_vista - -
  • Microsoft windows_vista - -:x64
  • Microsoft windows_xp sp2
  • Microsoft windows_xp sp2:x64
  • Microsoft windows_xp - sp2
  • Microsoft windows_xp - sp3