Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service
Microsoft Windows MP3 Audio Codec Divide-by-Zero Denial Of Service
Rating: High
Affected OS: Windows XP (Service Pack 3, [++])
Description: A denial of service vulnerability is present in some versions of Microsoft Windows.
Recommendation: Currently we are unaware of a vendor-supplied patch or update.
Observation: A denial of service vulnerability is present in some versions of Microsoft Windows.
The flaw lies in a divide-by-zero error condition when processing specific MPEG Layer-3 data. Exploitation can be achieved via a specially crafted AVI file. Upon exploitation, and attacker may gain the ability to remotely affect the availability of the vulnerable host.
Common Vulnerabilities & Exposures (CVE): NA
IAVA Reference Number: NA
Leave a Reply
Want to join the discussion?Feel free to contribute!