| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS07-068 | Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) | Windows Media | Critical | 12-12-2007 |
Technical Information
Brief overview of the risk:
A remote code execution vulnerability exists in Windows Media Format Runtime due to the way it handles Advanced Systems Format (ASF) files.
Detailed Information on the risk:
This critical security update resolves a privately reported vulnerability in Windows Media File Format. This vulnerability could allow remote code execution if a user viewed a specially crafted file in Windows Media Format Runtime. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Further information on this exploit is available at : MS07-068
Affected Software
Windows Media Format Runtime 11 (Windows Vista)Windows Media Format Runtime 11 (Windows XP Service Pack 2)
Windows Media Format Runtime 7.1 (Microsoft Windows 2000 Service Pack 4)
Windows Media Format Runtime 9 (Windows 2000 Service Pack 4)
Windows Media Format Runtime 9 (Windows XP Service Pack 2)
Windows Media Format Runtime 9.5 (Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2)
Windows Media Format Runtime 9.5 (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2)
Windows Media Format Runtime 9.5 (Windows XP Service Pack 2)
Windows Media Format Runtime 9.5 x64 Edition (Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2)
Windows Media Format Runtime 9.5 x64 Edition (Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2)
Windows Media Services 9.1 (Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2)