CVE-2009-2628 - OpenCVE

The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Vmware	Ace Player Movie Decoder Workstation

Configuration 1 [-]

OR	cpe:2.3:a:vmware:ace:2.5.0:::::::*
	cpe:2.3:a:vmware:ace:2.5.1:::::::*
	cpe:2.3:a:vmware:ace:2.5.2:::::::*
	cpe:2.3:a:vmware:movie_decoder:6.5.3:::::::*
	cpe:2.3:a:vmware:player:2.5:::::::*
	cpe:2.3:a:vmware:player:2.5.1:::::::*
	cpe:2.3:a:vmware:player:2.5.2:::::::*
	cpe:2.3:a:vmware:workstation:6.5:::::::*
	cpe:2.3:a:vmware:workstation:6.5.0:::::::*
	cpe:2.3:a:vmware:workstation:6.5.1:::::::*
	cpe:2.3:a:vmware:workstation:6.5.2:::::::*

References

Link	Resource
http://lists.vmware.com/pipermail/security-announce/2009/000065.html	Patch
http://secunia.com/advisories/34938	Vendor Advisory
http://www.kb.cert.org/vuls/id/444513	US Government Resource
http://www.securityfocus.com/archive/1/506286/100/0/threaded
http://www.securityfocus.com/bid/36290	Patch
http://www.vmware.com/security/advisories/VMSA-2009-0012.html	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2009/2553	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: certcc

Published: 2009-09-08T22:00:00

Updated: 2018-10-10T18:57:01

Reserved: 2009-07-28T00:00:00

Link: CVE-2009-2628

JSON object: View

NVD Information

Status : Modified

Published: 2009-09-08T22:30:00.483

Modified: 2018-10-10T19:41:03.963

Link: CVE-2009-2628

JSON object: View

Redhat Information

No data.

CWE

CWE-94

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-09-04T00:00:00", "descriptions": [{"lang": "en", "value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"}, {"name": "36290", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/36290"}, {"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"}, {"name": "ADV-2009-2553", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/2553"}, {"name": "VU#444513", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/444513"}, {"name": "34938", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34938"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2009-2628", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[security-announce] 20090904 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.", "refsource": "MLIST", "url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"}, {"name": "36290", "refsource": "BID", "url": "http://www.securityfocus.com/bid/36290"}, {"name": "20090905 VMSA-2009-0012 VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"}, {"name": "ADV-2009-2553", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2553"}, {"name": "VU#444513", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/444513"}, {"name": "34938", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34938"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"}]}}}}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2009-2628", "datePublished": "2009-09-08T22:00:00", "dateReserved": "2009-07-28T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:ace:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B71537AE-346D-4BA9-90E7-EA0AB0CD0886", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:ace:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5674C3DD-F510-4701-ACA8-437576307528", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:ace:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E62960B2-91AE-4DD7-8085-9BA6BCB84473", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:movie_decoder:6.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "CE79F3F7-A21A-4CAA-BB0D-2955299EE8E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "FE944A70-CB9C-4712-9802-509531396A02", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "252D2C0B-B89A-4C89-8D6B-6A8E58FCD8DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:player:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "62DA49FA-6657-45B5-BF69-D3A03BA62A4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "AFC6B629-30B3-4C45-B5E9-1B4310F186FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E8F3BFF-676B-4E2C-98BA-DCA71E49060F", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3E658DA-56E8-49F0-B486-4EF622B63627", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:workstation:6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "541D77A2-99C5-4CDB-877F-7E83E1E3369E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute arbitrary code via a crafted AVI file that triggers heap memory corruption."}, {"lang": "es", "value": "El codec multimedia VMnc en vmnc.dll en VMware Movie Decoder anterior a v6.5.3 build 185404, VMware Workstation v6.5.x anterior a v6.5.3 build 185404, VMware Player v2.5.x anterior a v2.5.3 build 185404 y VMware ACE v2.5.x anterior a v2.5.3 build 185404 sobre Windows, no maneja adecuadamente determinados tama\u00f1os de altura en el contenido de video, lo que podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo AVI manipulado que provocar\u00eda un corrupci\u00f3n de memoria."}], "id": "CVE-2009-2628", "lastModified": "2018-10-10T19:41:03.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-09-08T22:30:00.483", "references": [{"source": "cret@cert.org", "tags": ["Patch"], "url": "http://lists.vmware.com/pipermail/security-announce/2009/000065.html"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34938"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/444513"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/506286/100/0/threaded"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/36290"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0012.html"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/2553"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}