Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service

Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service 

Rating: High

Affected OS: Windows XP (Service Pack 3, [++])

Description: A denial of service vulnerability is present in some versions of Microsoft Windows.

Recommendation: Currently we are unaware of a vendor-supplied patch or update.

Observation: A denial of service vulnerability is present in some versions of Microsoft Windows.

The flaw lies in a divide-by-zero error condition when processing specific MPEG Layer-3 data.  Exploitation can be achieved via a specially crafted AVI file. Upon exploitation, and attacker may gain the ability to remotely affect the availability of the vulnerable host.

Common Vulnerabilities & Exposures (CVE): NA

IAVA Reference Number: NA

Be the first to comment

Leave a Reply

Your email address will not be published.


*


error: Content is protected !!