CVE-2010-0480

EXPLOITED

Microsoft Windows 2000 - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."

Exploits (4)

exploitdb WORKING POC VERIFIED
by Abysssec · pythondoswindows
https://www.exploit-db.com/exploits/15096
exploitdb WORKING POC VERIFIED
by Abysssec · pythonremotewindows
https://www.exploit-db.com/exploits/14895
exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/17659
metasploit WORKING POC NORMAL
by Yamata Li · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms10_026_avi_nsamplespersec.rb

References (4)

Scores

EPSS 0.8349
EPSS Percentile 99.3%

Exploitation Intel

VulnCheck KEV 2012-10-18

Classification

CWE
CWE-119
Status draft

Affected Products (19)

microsoft/windows_2000
microsoft/windows_xp
microsoft/windows_xp
microsoft/windows_xp
microsoft/windows_2003_server
microsoft/windows_2003_server
microsoft/windows_server_2003
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_server_2008
microsoft/windows_vista
microsoft/windows_vista
... and 4 more

Timeline

Published Apr 14, 2010
Tracked Since Feb 18, 2026