VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 14, 2009· Updated Apr 23, 2026

CVE-2009-0555

CVE-2009-0555

Description

Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability."

Affected products

20
  • Microsoft/Windows 2000
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • Microsoft/Windows Media Format Runtime3 versions
    cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:windows_media_format_runtime:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*
  • Microsoft/Windows Media Player
    cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*
  • Microsoft/Windows Xp3 versions
    cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
  • Microsoft/Windows Server 20032 versions
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2003:-:sp2:*:*:*:*:*:*
  • Microsoft/Windows Server 20084 versions
    cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*+ 3 more
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:*:*:*:*:*:x86:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x86:*
  • Microsoft/Windows Vista6 versions
    cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:x64:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.