1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Microsoft WMP AVI Buffer Overflow 1

HTTP Microsoft WMP AVI Buffer Overflow 1

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an vulnerability in Microsoft Windows MPEG Audio Decoder which may result in remote code execution.

Additional Information

Microsoft MPEG Layer-3 audio codecs are used to compress or decompress digital media files.

Microsoft Windows is prone to a remote buffer-overflow vulnerability when handling specially crafted Audio Video Interleave (AVI) files. Specifically, this issue arises because the Microsoft MPEG Layer-3 codecs don't perform sufficient boundary checks when processing a malicious AVI file containing an MPEG Layer-3 audio stream.

An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently logged-in user. Failed attack attempts may result in a denial-of-service condition.


  • Windows


Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube