DirectShow MJPEG Decompression Remote Code Execution Vulnerability - MS09-011ID: oval:org.secpod.oval:def:2610 | Date: (C)2009-10-27 (M)2022-10-10 |
Class: PATCH | Family: windows |
The host is missing a security update according to Microsoft security bulletin, MS09-011. The update is required to fix heap memory error. The flaw is present in MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory. Successful exploitation could result in arbitrary code execution via MJPEG file or video stream.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |