PT-2007-1557 · Microsoft · Advanced Systems Format+2

Published

2007-12-12

Updated

2018-10-30

CVE-2007-0064

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows Media Format Runtime versions 7.1, 9, 9.5, 9.5 x64 Edition, 11 Windows Media Services version 9.1

Description A heap-based buffer overflow issue exists, allowing user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.

Recommendations For Windows Media Format Runtime versions 7.1, 9, 9.5, 9.5 x64 Edition, 11, update to a version that includes the fix for this issue. For Windows Media Services version 9.1, update to a version that includes the fix for this issue. As a temporary workaround, consider avoiding the use of crafted Advanced Systems Format (ASF) files until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-0064

Affected Products

Advanced Systems Format

Windows Media Format Runtime

Windows Media Services

PT-2007-1557 · Microsoft · Advanced Systems Format+2

CVE-2007-0064

Weakness Enumeration

Related Identifiers

Affected Products

References · 10