CVE-2010-0480

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description A remote code execution issue exists in the way Microsoft MPEG Layer-3 codecs handle AVI media files. This could allow remote code execution if a user opens a specially crafted AVI file containing an MPEG Layer-3 audio stream. If a user is logged on with administrative user rights, an attacker who successfully exploits this issue could take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than users operating with administrative user rights.

Recommendations For Microsoft Windows versions prior to the fixed version, apply the necessary patch to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.