Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010
CVE: CVE-2010-2564
BID: 42268
OSVDB: 66986

Background

Windows Movie Maker is software for creating and editing home movies.

Problem

A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file.

Resolution

Apply the update referenced in Microsoft Security Bulletin 10-050.

References

http://secunia.com/advisories/38931/

Limitations

Exploit works on Microsoft Windows Movie Maker 2.1 and requires the user to open the exploit file.

Platforms

Windows

Back to exploit index