Signature Detail

HTTP: Microsoft DirectShow MPEG Layer-3 Audio Decoder Memory Corruption

This signature detects attempts to exploit a known code execution vulnerability in Microsoft DirectShow DirectShow MPEG Layer-3 Audio Decoder. It is due to memory corruption while decoding specially crafted media files. An attacker can exploit this by enticing a user to process a malicious audio file. This can lead to memory corruption and the possibility of code execution in the context of the logged in user.

Extended Description

Microsoft MPEG Layer-3 audio decoder is prone to a remote buffer-overflow vulnerability because the applicaiton fails to perform adequate boundary-checks on user-supplied data. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

• Avaya Aura Conferencing 6.0 Standard
• Avaya CallPilot Unified Messaging
• Avaya Meeting Exchange - Client Registration Server
• Avaya Meeting Exchange - Recording Server
• Avaya Meeting Exchange - Streaming Server
• Avaya Meeting Exchange - Web Conferencing Server
• Avaya Meeting Exchange - Webportal
• Avaya Messaging Application Server 4
• Avaya Messaging Application Server 5
• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft Windows Server 2003 SP1
• Microsoft Windows Server 2003 Sp1 Compute Cluster
• Microsoft Windows Server 2003 SP1 Platform SDK
• Microsoft Windows Server 2003 Sp1 Storage
• Microsoft Windows Server 2003 Sp2 Compute Cluster
• Microsoft Windows Server 2003 Sp2 Datacenter
• Microsoft Windows Server 2003 Sp2 Enterprise
• Microsoft Windows Server 2003 Sp2 Storage
• Microsoft Windows Server 2003 Datacenter Edition
• Microsoft Windows Server 2003 Datacenter x64 Edition SP2
• Microsoft Windows Server 2003 Datacenter x64 Edition
• Microsoft Windows Server 2003 Enterprise Edition SP1
• Microsoft Windows Server 2003 Enterprise Edition
• Microsoft Windows Server 2003 Enterprise x64 Edition SP2
• Microsoft Windows Server 2003 Enterprise x64 Edition
• Microsoft Windows Server 2003 Web Edition SP1
• Microsoft Windows Server 2003 Web Edition SP2
• Microsoft Windows Server 2003 Web Edition
• Microsoft Windows Server 2003 x64 SP1
• Microsoft Windows Server 2003 x64 SP2
• Microsoft Windows XP Home SP1
• Microsoft Windows XP Home SP2
• Microsoft Windows XP Home SP3
• Microsoft Windows XP Home
• Microsoft Windows XP Media Center Edition SP1
• Microsoft Windows XP Media Center Edition SP2
• Microsoft Windows XP Media Center Edition SP3
• Microsoft Windows XP Media Center Edition
• Microsoft Windows XP Professional SP1
• Microsoft Windows XP Professional SP2
• Microsoft Windows XP Professional SP3
• Microsoft Windows XP Professional
• Microsoft Windows XP Professional x64 Edition SP2
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Tablet PC Edition SP1
• Microsoft Windows XP Tablet PC Edition SP2
• Microsoft Windows XP Tablet PC Edition SP3
• Microsoft Windows XP Tablet PC Edition

References

• BugTraq: 42298
• CVE: CVE-2010-1882