Remote Code Execution Vulnerability In Cinepak Codec (982665) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-055.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code with the privileges of the user running the application. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS10-055.mspx

Insight

The Cinepak Codec applications fails to perform adequate boundary checks while handling supported format files.

Affected

Microsoft Windows XP Service Pack 3 and prior. Microsoft Windows Vista service Pack 2 and prior. Microsoft Windows 7

References

http://secunia.com/advisories/40936
http://support.microsoft.com/kb/982665
http://www.microsoft.com/technet/security/Bulletin/MS10-055.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2553

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Active Accessibility Remote Code Execution Vulnerability (2623699)
Microsoft Comctl32 Integer Overflow Vulnerability (2864058)
Embedded OpenType Font Engine Remote Code Execution Vulnerability (982132)
Bluetooth Stack Could Allow Remote Code Execution Vulnerability (951376)
Microsoft Ancillary Function Driver Elevation of Privilege Vulnerability (956803)

Remote Code Execution Vulnerability in Cinepak Codec (982665)

Take action and discover your vulnerabilities