jvndb-2009-000059
Vulnerability from jvndb
Published
2009-09-09 17:30
Modified
2009-09-09 17:30
Severity
() - -
Summary
Buffer overflow vulnerability in Microsoft Windows
Details
Microsoft Windows contains a buffer overflow vulnerability. Windows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files. The security update for this vulnerability is contained in the Microsoft Security Bulletin Summary for September 2009. Hiroshi Noguchi of Alice Carroll fan club reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
TypeURL
JVN http://jvn.jp/en/jp/JVN62211338/index.html
JVNTR https://jvn.jp/en/tr/JVNTR-2009-22/
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2498
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2499
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2498
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2499
IPA SECURITY ALERTS http://www.ipa.go.jp/security/english/vuln/200909_windows_en.html
CERT-SA http://www.us-cert.gov/cas/alerts/SA09-251A.html
CERT-TA http://www.us-cert.gov/cas/techalerts/TA09-251A.html
SECUNIA http://secunia.com/advisories/36596
BID http://www.securityfocus.com/bid/36225
BID http://www.securityfocus.com/bid/36228
VUPEN http://www.vupen.com/english/advisories/2009/2566
Buffer Errors(CWE-119) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
VendorProduct
Microsoft CorporationMicrosoft Windows 2000
Microsoft CorporationMicrosoft Windows Server 2003
Microsoft CorporationMicrosoft Windows Server 2008
Microsoft CorporationMicrosoft Windows Vista
Microsoft CorporationMicrosoft Windows XP
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000059.html",
  "dc:date": "2009-09-09T17:30+09:00",
  "dcterms:issued": "2009-09-09T17:30+09:00",
  "dcterms:modified": "2009-09-09T17:30+09:00",
  "description": "Microsoft Windows contains a buffer overflow vulnerability.\r\n\r\nWindows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files.\r\n\r\nThe security update for this vulnerability is contained in the Microsoft Security Bulletin Summary for September 2009.\r\n\r\nHiroshi Noguchi of Alice Carroll fan club reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000059.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:microsoft:windows_2000",
      "@product": "Microsoft Windows 2000",
      "@vendor": "Microsoft Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:microsoft:windows_server_2003",
      "@product": "Microsoft Windows Server 2003",
      "@vendor": "Microsoft Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:microsoft:windows_server_2008",
      "@product": "Microsoft Windows Server 2008",
      "@vendor": "Microsoft Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:microsoft:windows_vista",
      "@product": "Microsoft Windows Vista",
      "@vendor": "Microsoft Corporation",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:microsoft:windows_xp",
      "@product": "Microsoft Windows XP",
      "@vendor": "Microsoft Corporation",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2009-000059",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN62211338/index.html",
      "@id": "JVN#62211338",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/JVNTR-2009-22/",
      "@id": "JVNTR-2009-22",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2498",
      "@id": "CVE-2009-2498",
      "@source": "CVE"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2499",
      "@id": "CVE-2009-2499",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2498",
      "@id": "CVE-2009-2498",
      "@source": "NVD"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2499",
      "@id": "CVE-2009-2499",
      "@source": "NVD"
    },
    {
      "#text": "http://www.ipa.go.jp/security/english/vuln/200909_windows_en.html",
      "@id": "Security Alert for Vulnerability in Microsoft Windows",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "http://www.us-cert.gov/cas/alerts/SA09-251A.html",
      "@id": "SA09-251A",
      "@source": "CERT-SA"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html",
      "@id": "TA09-251A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://secunia.com/advisories/36596",
      "@id": "SA36596",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/36225",
      "@id": "36225",
      "@source": "BID"
    },
    {
      "#text": "http://www.securityfocus.com/bid/36228",
      "@id": "36228",
      "@source": "BID"
    },
    {
      "#text": "http://www.vupen.com/english/advisories/2009/2566",
      "@id": "VUPEN/ADV-2009-2566",
      "@source": "VUPEN"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-119",
      "@title": "Buffer Errors(CWE-119)"
    }
  ],
  "title": "Buffer overflow vulnerability in Microsoft Windows"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.