=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN314
_____________________________________________________________________

DATE                      : 13/08/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Windows XP, Windows Vista, Windows 7
                                       running Cinepak Codec.

======================================================================
KB982665
http://www.microsoft.com/technet/security/Bulletin/MS10-055.mspx
______________________________________________________________________

Microsoft Security Bulletin MS10-055 - Critical
Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)

Version: 1.0

General Information

Executive Summary

  This security update resolves a privately reported vulnerability in Cinepak
  Codec. The vulnerability could allow remote code execution if a user opens a
  specially crafted media file or receives specially crafted streaming content
  from a Web site or any application that delivers Web content. An attacker
  who successfully exploited this vulnerability could gain the same user
  rights as the local user. Users whose accounts are configured to have fewer
  user rights on the system could be less impacted than users who operate with
  administrative user rights.

  This security update is rated Critical for all supported editions of Windows
  XP, Windows Vista, and Windows 7. For more information, see the subsection,
  Affected and Non-Affected Software, in this section.

  The security update addresses the vulnerability by correcting the manner in
  which the Cinepak code decompresses media files. For more information about
  the vulnerability, see the Frequently Asked Questions (FAQ) subsection for
  the specific vulnerability entry under the next section, Vulnerability
  Information.

Affected Software

  Windows XP Service Pack 3
  Windows XP Professional x64 Edition Service Pack 2
  Windows Vista Service Pack 1 and Windows Vista Service Pack 2
  Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition
    Service Pack 2
  Windows 7 for 32-bit Systems
  Windows 7 for x64-based Systems

Vulnerability Information

Cinepak Codec Decompression Vulnerability - CVE-2010-2553

  A remote code execution vulnerability exists in the way the Cinepak codec
  handles supported format files. This vulnerability could allow code
  execution if a user opened a specially crafted media file. If a user is
  logged on with administrative user rights, an attacker who successfully
  exploited this vulnerability could take complete control of an affected
  system. An attacker could then install programs; view, change, or delete
  data; or create new accounts with full user rights. Users whose accounts
  are configured to have fewer user rights on the system could be less
  impacted than users who operate with administrative user rights.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================