CVE-2007-3895
https://notcve.org/view.php?id=CVE-2007-3895
Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file. Un desbordamiento de búfer en Microsoft DirectShow en Microsoft DirectX versiones 7.0 hasta 10.0, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo diseñado (1) WAV o (2) AVI. • http://secunia.com/advisories/28010 http://www.iss.net/threats/280.html http://www.kb.cert.org/vuls/id/321233 http://www.securityfocus.com/archive/1/485268/100/0/threaded http://www.securityfocus.com/bid/26804 http://www.securitytracker.com/id?1019073 http://www.us-cert.gov/cas/techalerts/TA07-345A.html http://www.vupen.com/english/advisories/2007/4180 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-064 https://exchange.xforce.ibmcloud • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2004-0202
https://notcve.org/view.php?id=CVE-2004-0202
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. El interfaz de programación de aplicación (API) IDirectPlay de Microsoft DirectPlay 7.0a a 9.0b, usado en Windows Server 2003 y anteriores, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un paquete malformado. • http://secunia.com/advisories/11802 http://www.osvdb.org/6742 http://www.securityfocus.com/bid/10487 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-016 https://exchange.xforce.ibmcloud.com/vulnerabilities/16306 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Ad •
CVE-2003-0346
https://notcve.org/view.php?id=CVE-2003-0346
Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. Múltiples desbordamientos en una librería MIDI Microsoft Windows DirectX (QUARTZ.DLL) permite a atacantes remotos ejecutar código arbitrario mediante un fichero midi (.mid) con (1) una cadena de texto o de copyright larga), o (2) un número de pistas largo, lo que conduce a un desbordamiento de búfer en el montón. • http://marc.info/?l=bugtraq&m=105899759824008&w=2 http://www.cert.org/advisories/CA-2003-18.html http://www.kb.cert.org/vuls/id/265232 http://www.kb.cert.org/vuls/id/561284 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1104 https://oval.cisecurity.org/repository/search •