Microsoft Windows Media Format Runtime ASF File Remote Code Execution Vulnerability

Bugtraq ID: 26776
Class: Boundary Condition Error
CVE: CVE-2007-0064
Remote: Yes
Local: No
Published: Dec 11 2007 12:00AM
Updated: Jun 10 2008 10:32PM
Credit: Ryan Smith and Alex Wheeler, IBM Internet Security Systems X-Force Researchers, of ISS X-Force is credited with the discovery of this issue.
Vulnerable: Microsoft Windows Media Services 9.1 x64
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Media Services 9.1
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter x64 Edition SP2
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise x64 Edition SP2
 + Microsoft Windows Server 2003 Standard Edition SP2
 + Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 x64 SP2
 Microsoft Windows Media Format 9.5 x64
+ Microsoft Windows Server 2003 Datacenter x64 Edition SP2
 + Microsoft Windows Server 2003 Enterprise x64 Edition SP2
 + Microsoft Windows Server 2003 x64 SP2
 + Microsoft Windows XP Professional x64 Edition SP2
 Microsoft Windows Media Format 9.5
+ Microsoft Windows Server 2003 SP2
 + Microsoft Windows Server 2003 Datacenter x64 Edition
+ Microsoft Windows Server 2003 Enterprise x64 Edition
+ Microsoft Windows Server 2003 Standard Edition SP2
 + Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Web Edition SP2
 + Microsoft Windows XP Home SP3
 + Microsoft Windows XP Home SP2
 + Microsoft Windows XP Media Center Edition SP3
 + Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Professional SP3
 + Microsoft Windows XP Professional SP2
 + Microsoft Windows XP Professional x64 Edition SP2
 Microsoft Windows Media Format 9.0
+ Microsoft Windows 2000 Advanced Server SP4
 + Microsoft Windows 2000 Datacenter Server SP4
 + Microsoft Windows 2000 Professional SP4
 + Microsoft Windows 2000 Server SP4
 + Microsoft Windows 2000 Terminal Services SP4
 + Microsoft Windows XP Home SP3
 + Microsoft Windows XP Home SP2
 + Microsoft Windows XP Media Center Edition SP3
 + Microsoft Windows XP Media Center Edition SP2
 Microsoft Windows Media Format 7.1
Microsoft Windows Media Format 11
+ Microsoft Windows Server 2008 Datacenter Edition SP2
 + Microsoft Windows Server 2008 Datacenter Edition 0
 + Microsoft Windows Server 2008 Enterprise Edition SP2
 + Microsoft Windows Server 2008 Enterprise Edition 0
 + Microsoft Windows Server 2008 for 32-bit Systems SP2
 + Microsoft Windows Server 2008 for 32-bit Systems 0
 + Microsoft Windows Server 2008 for x64-based Systems SP2
 + Microsoft Windows Server 2008 for x64-based Systems 0
 + Microsoft Windows Server 2008 Standard Edition SP2
 + Microsoft Windows Server 2008 Standard Edition 0
 + Microsoft Windows Vista Ultimate SP2
 + Microsoft Windows Vista Ultimate SP1
 + Microsoft Windows Vista Ultimate
 + Microsoft Windows Vista SP2
 + Microsoft Windows Vista SP1
 + Microsoft Windows Vista Home Premium SP2
 + Microsoft Windows Vista Home Premium SP1
 + Microsoft Windows Vista Home Premium
 + Microsoft Windows Vista Home Basic SP2
 + Microsoft Windows Vista Home Basic SP1
 + Microsoft Windows Vista Home Basic
 + Microsoft Windows Vista Enterprise SP2
 + Microsoft Windows Vista Enterprise SP1
 + Microsoft Windows Vista Enterprise
 + Microsoft Windows Vista Business SP2
 + Microsoft Windows Vista Business SP1
 + Microsoft Windows Vista 0
 + Microsoft Windows Vista Business 64-bit edition SP2
 + Microsoft Windows Vista Business 64-bit edition SP1
 + Microsoft Windows Vista Business 64-bit edition 0
 + Microsoft Windows Vista Enterprise 64-bit edition SP2
 + Microsoft Windows Vista Enterprise 64-bit edition SP1
 + Microsoft Windows Vista Enterprise 64-bit edition 0
 + Microsoft Windows Vista Home Basic 64-bit edition SP2
 + Microsoft Windows Vista Home Basic 64-bit edition SP1
 + Microsoft Windows Vista Home Basic 64-bit edition 0
 + Microsoft Windows Vista Home Premium 64-bit edition SP2
 + Microsoft Windows Vista Home Premium 64-bit edition SP1
 + Microsoft Windows Vista Home Premium 64-bit edition 0
 + Microsoft Windows Vista Ultimate 64-bit edition SP2
 + Microsoft Windows Vista Ultimate 64-bit edition SP1
 + Microsoft Windows Vista Ultimate 64-bit edition 0
 + Microsoft Windows Vista x64 Edition SP2
 + Microsoft Windows Vista x64 Edition SP1
 + Microsoft Windows Vista x64 Edition 0
 + Microsoft Windows XP Home SP3
 + Microsoft Windows XP Home SP2
 + Microsoft Windows XP Media Center Edition SP3
 + Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Professional SP3
 + Microsoft Windows XP Professional SP2
 + Microsoft Windows XP Professional x64 Edition SP2
 HP Storage Management Appliance III
HP Storage Management Appliance II
HP Storage Management Appliance I
HP Storage Management Appliance 2.1
+ HP Storage Management Appliance III
 + HP Storage Management Appliance II
 + HP Storage Management Appliance I
 Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus