CVE-2009-2499
published 2009-09-08CVE-2009-2499: Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote…
PriorityP350high8.5CVSS 2.0
AVNACMAuSCCICAC
EPSS
15.55%
96.4th percentile
Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Corruption Vulnerability."
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_media_format_runtime | — | — |
| microsoft | windows_media_format_runtime | — | — |
| microsoft | windows_media_format_runtime | — | — |
| microsoft | windows_media_services | — | — |
| microsoft | windows_media_services | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.us-cert.gov/cas/techalerts/TA09-251A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5531http://www.us-cert.gov/cas/techalerts/TA09-251A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-047https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5531
2009-09-08
Published