• 공개일 : 2009-08-13
• 변경일 : 2010-08-21

• 위험도: 8.5
• 액세스 벡터 : NETWORK
• 액세스 복잡성 : 보통
• 인증 : SINGLE_INSTANCE
• 기밀성 영향 : 전체
• 무결성 영향 : 전체
• 가용성 영향 : 전체
• 출처 : http://nvd.nist.gov
• 공개일 : 2009-08-13

Integer overflow in Avifil32.dll in the Windows Media file handling functionality in Microsoft Windows allows remote attackers to execute arbitrary code on a Windows 2000 SP4 system via a crafted AVI file, or cause a denial of service on a Windows XP SP2 or SP3, Server 2003 SP2, Vista Gold, SP1, or SP2, or Server 2008 Gold or SP2 system via a crafted AVI file, aka "AVI Integer Overflow Vulnerability."

• CERT, TA09-223A
• VUPEN, ADV-2009-2233
• BID, 35970
• MS, MS09-038
• SECTRACK, 1022711
• SECUNIA, 36206
• OSVDB, 56909

• microsoft windows_vista x64
• microsoft windows_2003_server sp2 itanium
• microsoft windows_server_2008 x64
• microsoft windows_xp -
• microsoft windows_vista - x64
• microsoft windows_vista x64
• microsoft windows_server_2008 - x32
• microsoft windows_server_2008 - x64
• microsoft windows_2003_server sp2 x64
• microsoft windows_server_2008 - x32
• microsoft windows_2003_server sp2
• microsoft windows_xp -
• microsoft windows_server_2008 itanium
• microsoft windows_server_2008 - itanium
• microsoft windows_xp x64