CVE-2009-4311

N/A Unknown
Published: December 13, 2009 Modified: April 23, 2026
View on NVD

Description

Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: this might overlap CVE-2008-3615.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/37592
Source: cve@mitre.org
Vendor Advisory
http://securitytracker.com/id?1023302
Source: cve@mitre.org
http://support.microsoft.com/kb/954157
Source: cve@mitre.org
Patch Vendor Advisory
http://support.microsoft.com/kb/955759
Source: cve@mitre.org
Patch Vendor Advisory
http://support.microsoft.com/kb/976138
Source: cve@mitre.org
Patch Vendor Advisory
http://www.microsoft.com/technet/security/advisory/954157.mspx
Source: cve@mitre.org
Patch Vendor Advisory
http://www.securityfocus.com/bid/37251
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/3440
Source: cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54645
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11975
Source: cve@mitre.org
http://secunia.com/advisories/37592
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1023302
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.microsoft.com/kb/954157
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://support.microsoft.com/kb/955759
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://support.microsoft.com/kb/976138
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.microsoft.com/technet/security/advisory/954157.mspx
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.securityfocus.com/bid/37251
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/3440
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/54645
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11975
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
25.4%
96th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-94

Affected Vendors

microsoft

Related CVEs

CVE-2026-6786 8.1
CVE-2026-6785 8.1
CVE-2026-7041 3.7
CVE-2026-7039 7.8
CVE-2026-7038 3.3