Release Date | Oct 15, 2009 |
Severity | critical |
Impact | This vulnerability could allow remote attackers to execute arbitrary code. |
Description | Windows Media Player is a media player and media library application developed by Microsoft that is used for playing audio, video and viewing images on personal computers running the Microsoft Windows operating system. Microsoft released security bulletin MS09-052 to address a vulnerability in Windows Media Player: CVE-2009-2527: Yamata Li of Palo Alto Networks reported a heap overflow vulnerability in Windows Media Player. ASF is a file format that stores audio and video information and is specially designed to run over networks like the Internet. It is a compressed format that can contain streaming audio, video, slide shows, and synchronized events. ASF enables content to be delivered to you as a continuous flow of data. ASF files may have the file extensions ASF, WMV, or WMA. The specific flaw exists in the way Windows Media Player 6.4 handles specially crafted ASF files. An attacker could exploit the vulnerability by constructing a specially crafted ASF file that could allow remote code execution when played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could take complete control of an affected system. |
Affected Products | Windows Media Player 6.4 and older versions. |
Recommended Actions | Refer to the Microsoft advisory for patches or updates: http://www.microsoft.com/technet/security/Bulletin/ms09-052.mspx For FortiGate IPS users, turning on the IPS signature MS.Windows.Media.Player.Asf.Code.Execution can prevent exploitation of this vulnerability. |
Coverage | IPS, VCM |
Common Vulnerabilities and Exposures (CVE) | CVE-2009-2527 |
Reference/s | http://technet.microsoft.com/en-us/security/bulletin/ms09-052.mspx (MS-ID) |