{"api_version":"1","generated_at":"2026-05-13T12:03:00+00:00","cve":"CVE-2009-4309","urls":{"html":"https://cve.report/CVE-2009-4309","api":"https://cve.report/api/cve/CVE-2009-4309.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-4309","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-4309"},"summary":{"title":"CVE-2009-4309","description":"Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.","state":"PUBLISHED","assigner":"mitre","published_at":"2009-12-13 01:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9.3","severity":"","vector":"AV:N/AC:M/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://securitytracker.com/id?1023302","name":"http://securitytracker.com/id?1023302","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"SecurityTracker.com Archives - Windows Media Player Indeo Codec Bugs Let Remote Users Execute Arbitrary Code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/60855","name":"http://www.osvdb.org/60855","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://zerodayinitiative.com/advisories/ZDI-09-089/","name":"http://zerodayinitiative.com/advisories/ZDI-09-089/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Zero Day Initiative","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/508324/100/0/threaded","name":"http://www.securityfocus.com/archive/1/508324/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2009/3440","name":"http://www.vupen.com/english/advisories/2009/3440","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188","name":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.microsoft.com/kb/955759","name":"http://support.microsoft.com/kb/955759","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Microsoft Security Advisory: Description of the AppCompat update for Indeo codec: December 08, 2009","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.microsoft.com/technet/security/advisory/954157.mspx","name":"http://www.microsoft.com/technet/security/advisory/954157.mspx","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Your request has been blocked. This could be\r\n                        due to several reasons.","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"http://support.microsoft.com/kb/976138","name":"http://support.microsoft.com/kb/976138","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Microsoft Security Advisory: Description of the Quartz update for the Indeo codec: December 8, 2009","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://support.microsoft.com/kb/954157","name":"http://support.microsoft.com/kb/954157","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Microsoft Security Advisory: Vulnerabilities in the Indeo codec could allow remote code execution: December 8, 2009","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54645","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54645","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54642","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54642","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37592","name":"http://secunia.com/advisories/37592","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"About Secunia Research | Flexera","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/37251","name":"http://www.securityfocus.com/bid/37251","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Intel Indeo Codec Media Content Multiple Buffer Overflow Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-4309","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4309","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2000","cpe6":"*","cpe7":"sp4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2003_server","cpe6":"*","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2003_server","cpe6":"*","cpe7":"sp2","cpe8":"itanium","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_2003_server","cpe6":"*","cpe7":"sp2","cpe8":"x64","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"windows_media_player","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"*","cpe7":"sp3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"-","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4309","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows_xp","cpe6":"-","cpe7":"sp2","cpe8":"x64","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T07:01:19.605Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"955759","tags":["vendor-advisory","x_refsource_MSKB","x_transferred"],"url":"http://support.microsoft.com/kb/955759"},{"name":"20091208 ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/508324/100/0/threaded"},{"name":"ms-ie-indeo41-bo(54642)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54642"},{"name":"1023302","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1023302"},{"name":"37251","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/37251"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.microsoft.com/technet/security/advisory/954157.mspx"},{"name":"976138","tags":["vendor-advisory","x_refsource_MSKB","x_transferred"],"url":"http://support.microsoft.com/kb/976138"},{"name":"ADV-2009-3440","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3440"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://zerodayinitiative.com/advisories/ZDI-09-089/"},{"name":"954157","tags":["vendor-advisory","x_refsource_MSKB","x_transferred"],"url":"http://support.microsoft.com/kb/954157"},{"name":"oval:org.mitre.oval:def:12188","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188"},{"name":"60855","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/60855"},{"name":"ms-ie-content-code-execution(54645)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54645"},{"name":"37592","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37592"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-12-08T00:00:00.000Z","descriptions":[{"lang":"en","value":"Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-10T18:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"955759","tags":["vendor-advisory","x_refsource_MSKB"],"url":"http://support.microsoft.com/kb/955759"},{"name":"20091208 ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/508324/100/0/threaded"},{"name":"ms-ie-indeo41-bo(54642)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54642"},{"name":"1023302","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1023302"},{"name":"37251","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/37251"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.microsoft.com/technet/security/advisory/954157.mspx"},{"name":"976138","tags":["vendor-advisory","x_refsource_MSKB"],"url":"http://support.microsoft.com/kb/976138"},{"name":"ADV-2009-3440","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3440"},{"tags":["x_refsource_MISC"],"url":"http://zerodayinitiative.com/advisories/ZDI-09-089/"},{"name":"954157","tags":["vendor-advisory","x_refsource_MSKB"],"url":"http://support.microsoft.com/kb/954157"},{"name":"oval:org.mitre.oval:def:12188","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188"},{"name":"60855","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/60855"},{"name":"ms-ie-content-code-execution(54645)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54645"},{"name":"37592","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37592"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-4309","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"955759","refsource":"MSKB","url":"http://support.microsoft.com/kb/955759"},{"name":"20091208 ZDI-09-089: Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/508324/100/0/threaded"},{"name":"ms-ie-indeo41-bo(54642)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54642"},{"name":"1023302","refsource":"SECTRACK","url":"http://securitytracker.com/id?1023302"},{"name":"37251","refsource":"BID","url":"http://www.securityfocus.com/bid/37251"},{"name":"http://www.microsoft.com/technet/security/advisory/954157.mspx","refsource":"CONFIRM","url":"http://www.microsoft.com/technet/security/advisory/954157.mspx"},{"name":"976138","refsource":"MSKB","url":"http://support.microsoft.com/kb/976138"},{"name":"ADV-2009-3440","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2009/3440"},{"name":"http://zerodayinitiative.com/advisories/ZDI-09-089/","refsource":"MISC","url":"http://zerodayinitiative.com/advisories/ZDI-09-089/"},{"name":"954157","refsource":"MSKB","url":"http://support.microsoft.com/kb/954157"},{"name":"oval:org.mitre.oval:def:12188","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12188"},{"name":"60855","refsource":"OSVDB","url":"http://www.osvdb.org/60855"},{"name":"ms-ie-content-code-execution(54645)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54645"},{"name":"37592","refsource":"SECUNIA","url":"http://secunia.com/advisories/37592"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2009-4309","datePublished":"2009-12-13T01:00:00.000Z","dateReserved":"2009-12-12T00:00:00.000Z","dateUpdated":"2024-08-07T07:01:19.605Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2009-12-13 01:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:windows_media_player:*:*:*:*:*:*:*:*","matchCriteriaId":"5044AB3C-7E2F-45F8-8392-7E99FC198787"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","matchCriteriaId":"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*","matchCriteriaId":"2978BF86-5A1A-438E-B81F-F360D0E30C9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*","matchCriteriaId":"F7EFB032-47F4-4497-B16B-CB9126EAC9DF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*","matchCriteriaId":"6881476D-81A2-4DFD-AC77-82A8D08A0568"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*","matchCriteriaId":"CE477A73-4EE4-41E9-8694-5A3D5DC88656"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*","matchCriteriaId":"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*","matchCriteriaId":"FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"4309","Ordinal":"1","Title":"CVE-2009-4309","CVE":"CVE-2009-4309","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"4309","Ordinal":"1","NoteData":"Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file.","Type":"Description","Title":"CVE-2009-4309"},{"CveYear":"2009","CveId":"4309","Ordinal":"2","NoteData":"2009-12-12","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"4309","Ordinal":"3","NoteData":"2018-10-10","Type":"Other","Title":"Modified"}]}}}