MS09-038: Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (971557)

High Nessus Plugin ID 40557


Arbitrary code can be executed on the remote host through Windows Media file processing.


The remote Windows host is affected by two vulnerabilities involving the way in which AVI headers are processed and AVI data is validated that could be abused to execute arbitrary code remotely.

If an attacker can trick a user on the affected system into opening a specially crafted AVI file, these issues could be leveraged to execute arbitrary code subject to the user's privileges.


Microsoft has released a set of patches for Windows 2000, XP, 2003, Vista and 2008.

See Also

Plugin Details

Severity: High

ID: 40557

File Name: smb_nt_ms09-038.nasl

Version: $Revision: 1.21 $

Type: local

Agent: windows

Published: 2009/08/11

Modified: 2017/08/09

Dependencies: 13855, 57033

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/08/11

Vulnerability Publication Date: 2009/08/11

Reference Information

CVE: CVE-2009-1545, CVE-2009-1546

BID: 35967, 35970

OSVDB: 56908, 56909

MSFT: MS09-038

MSKB: 971557

CWE: 94, 189