Vulnerabilities > Microsoft > Windows Media Format Runtime

DATE CVE VULNERABILITY TITLE RISK
2013-07-10 CVE-2013-3127 Code Injection vulnerability in Microsoft Windows Media Format Runtime and Windows Media Player
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2010-06-08 CVE-2010-1879 Code Injection vulnerability in Microsoft products
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2009-10-14 CVE-2009-0555 Code Injection vulnerability in Microsoft products
Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2007-12-12 CVE-2007-0064 Buffer Errors vulnerability in Microsoft products
Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
network
microsoft CWE-119
critical
 9.3
9.3