This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote Windows host through the
The remote Windows XP host contains a version of the Indeo codec that
is affected by an insecure library loading vulnerability.
A remote attacker could exploit this by tricking a user into opening a
legitimate file (e.g., an .avi file) located in the same directory as
a maliciously crafted dynamic link library (DLL) file, resulting in
arbitrary code execution.
See also :
Microsoft has released a patch for Windows XP.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true