Microsoft Windows Media Format Runtime ASF File Remote Code Execution Vulnerability

Bugtraq ID: 26776
Class: Boundary Condition Error
CVE: CVE-2007-0064
Remote: Yes
Local: No
Published: Dec 11 2007 12:00AM
Updated: Jun 10 2008 10:32PM
Credit: Ryan Smith and Alex Wheeler, IBM Internet Security Systems X-Force Researchers, of ISS X-Force is credited with the discovery of this issue.
Vulnerable: Microsoft Windows Media Services 9.1 x64
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Media Services 9.1
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter x64 Edition SP2
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise x64 Edition SP2
+ Microsoft Windows Server 2003 Standard Edition SP2
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Media Format 9.5 x64
+ Microsoft Windows Server 2003 Datacenter x64 Edition SP2
+ Microsoft Windows Server 2003 Enterprise x64 Edition SP2
+ Microsoft Windows Server 2003 x64 SP2
+ Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Media Format 9.5
+ Microsoft Windows Server 2003 SP2
+ Microsoft Windows Server 2003 Datacenter x64 Edition
+ Microsoft Windows Server 2003 Enterprise x64 Edition
+ Microsoft Windows Server 2003 Standard Edition SP2
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Web Edition SP2
+ Microsoft Windows XP Home SP3
+ Microsoft Windows XP Home SP2
+ Microsoft Windows XP Media Center Edition SP3
+ Microsoft Windows XP Media Center Edition SP2
+ Microsoft Windows XP Professional SP3
+ Microsoft Windows XP Professional SP2
+ Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Media Format 9.0
+ Microsoft Windows 2000 Advanced Server SP4
+ Microsoft Windows 2000 Datacenter Server SP4
+ Microsoft Windows 2000 Professional SP4
+ Microsoft Windows 2000 Server SP4
+ Microsoft Windows 2000 Terminal Services SP4
+ Microsoft Windows XP Home SP3
+ Microsoft Windows XP Home SP2
+ Microsoft Windows XP Media Center Edition SP3
+ Microsoft Windows XP Media Center Edition SP2
Microsoft Windows Media Format 7.1
Microsoft Windows Media Format 11
+ Microsoft Windows Server 2008 Datacenter Edition SP2
+ Microsoft Windows Server 2008 Datacenter Edition 0
+ Microsoft Windows Server 2008 Enterprise Edition SP2
+ Microsoft Windows Server 2008 Enterprise Edition 0
+ Microsoft Windows Server 2008 for 32-bit Systems SP2
+ Microsoft Windows Server 2008 for 32-bit Systems 0
+ Microsoft Windows Server 2008 for x64-based Systems SP2
+ Microsoft Windows Server 2008 for x64-based Systems 0
+ Microsoft Windows Server 2008 Standard Edition SP2
+ Microsoft Windows Server 2008 Standard Edition 0
+ Microsoft Windows Vista Ultimate SP2
+ Microsoft Windows Vista Ultimate SP1
+ Microsoft Windows Vista Ultimate
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista Home Premium SP2
+ Microsoft Windows Vista Home Premium SP1
+ Microsoft Windows Vista Home Premium
+ Microsoft Windows Vista Home Basic SP2
+ Microsoft Windows Vista Home Basic SP1
+ Microsoft Windows Vista Home Basic
+ Microsoft Windows Vista Enterprise SP2
+ Microsoft Windows Vista Enterprise SP1
+ Microsoft Windows Vista Enterprise
+ Microsoft Windows Vista Business SP2
+ Microsoft Windows Vista Business SP1
+ Microsoft Windows Vista 0
+ Microsoft Windows Vista Business 64-bit edition SP2
+ Microsoft Windows Vista Business 64-bit edition SP1
+ Microsoft Windows Vista Business 64-bit edition 0
+ Microsoft Windows Vista Enterprise 64-bit edition SP2
+ Microsoft Windows Vista Enterprise 64-bit edition SP1
+ Microsoft Windows Vista Enterprise 64-bit edition 0
+ Microsoft Windows Vista Home Basic 64-bit edition SP2
+ Microsoft Windows Vista Home Basic 64-bit edition SP1
+ Microsoft Windows Vista Home Basic 64-bit edition 0
+ Microsoft Windows Vista Home Premium 64-bit edition SP2
+ Microsoft Windows Vista Home Premium 64-bit edition SP1
+ Microsoft Windows Vista Home Premium 64-bit edition 0
+ Microsoft Windows Vista Ultimate 64-bit edition SP2
+ Microsoft Windows Vista Ultimate 64-bit edition SP1
+ Microsoft Windows Vista Ultimate 64-bit edition 0
+ Microsoft Windows Vista x64 Edition SP2
+ Microsoft Windows Vista x64 Edition SP1
+ Microsoft Windows Vista x64 Edition 0
+ Microsoft Windows XP Home SP3
+ Microsoft Windows XP Home SP2
+ Microsoft Windows XP Media Center Edition SP3
+ Microsoft Windows XP Media Center Edition SP2
+ Microsoft Windows XP Professional SP3
+ Microsoft Windows XP Professional SP2
+ Microsoft Windows XP Professional x64 Edition SP2
HP Storage Management Appliance III
HP Storage Management Appliance II
HP Storage Management Appliance I
HP Storage Management Appliance 2.1
+ HP Storage Management Appliance III
+ HP Storage Management Appliance II
+ HP Storage Management Appliance I
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus