Hi,
We are working on one of issue reported by one of Security Scan tool, which says that our windows server machine
is vulnerable in some versions of Intel Indeo Video that could lead to a denial of service attack.
The flaw lies in ir41_32.ax and can be exploit by a remote attacker and could result in a denial of service
condition.After further investigation we got to know its effected version '4.51.16.3'.
But as we are using Windows Server 2008 R2 I am not sure this can be exploited or not, because as per
https://technet.microsoft.com/library/security/954157
the problem does NOT exist on Windows Server 2008.
Security investigate regarding CVE-2014-3735
April 28th, 2015 5:29pm
Hi,
As far as I know, ir41_32.ax 4.51.16.3 for Intel Indeo Video 4.5 allows remote attackers to cause a denial of service (crash) via a crafted .avi file.
If you are not using the above version of Intel Indeo Video, then systems are not affected.
In addition, it is recommended to keep Windows machines fully patched.
More information for you:
Vulnerability Summary for CVE-2014-3735
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3735
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Best Regards,
Free Windows Admin Tool Kit Click here and download it now
April 29th, 2015 5:48am
Hi,
Thanks for reply.
Is it mean that ir41_32.ax 4.51.16.3 can cause trouble in any case if it is available in system irrespective of Windows OS type or version we are using.
April 29th, 2015 7:58am
Is it mean that ir41_32.ax 4.51.16.3 can cause trouble in any case if it is available in system irrespective of Windows OS type or version we are using.
As the way I see it, yes.
Best Regards,
Amy
Free Windows Admin Tool Kit Click here and download it now
April 29th, 2015 10:14pm
This topic is archived. No further replies will be accepted.
Other recent topics
