Intrusion PreventionMS.Windows.Indeo.Codec.Memory.Corruption
Description
This indicates an attack attempt against a Zero-Day vulnerability discovered by the FortiGuard Global Security Research Team. This vulnerability is located in the indeo codec module that delivered in affected system. Microsoft will not give a patch for this vulnerability, instead they provide some solutions in the Microsoft Security Advisory reference below and keep this vulnerability zero-Day. This signature should help mitigate the Zero-Day threat proactively - both prior to, and after an solution is available from the vendor.
Affected Products
Microsoft Windows 2000 Service Pack 4
Windows XP Service Pack 2 and Windows XP Service Pack 3
Windows Server 2003 Service Pack 2
Impact
Any Zero-Day vulnerabilities can have a large impact due to the fact that they remain unpatched, making exploit attempts more effective since the given attack vector remains open.
Recommended Actions
Refer to the vendor's web site for suggested solution:
http://www.microsoft.com/technet/security/advisory/954157.MSpx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 |
| ID | 18013 |
| Created | Dec 09, 2009 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2009-4210 |
| Exploit Prediction Score | 2.33% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |