9 results (0.011 seconds)

CVSS: 9.3EPSS: 52%CPEs: 10EXPL: 0

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data values, which allows remote attackers to execute arbitrary code via a crafted QuickTime media file, aka "DirectX Pointer Validation Vulnerability." EL QuickTime Movie Parser Filter en quartz.dll en DirectShow en Microsoft DirectX v7.0 a la v9.0c sobre Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2, realiza actualizaciones a punteros sin validar adecuadamente los valores de datos no especificados, lo que permite a atacantes remotos ejecutar código de su elección a través de un archivo "Quicktime media" manipulado, también conocido como "Vulnerabilidad de validación de Puntero en DirectX". • http://osvdb.org/55844 http://www.securityfocus.com/bid/35600 http://www.us-cert.gov/cas/techalerts/TA09-195A.html http://www.vupen.com/english/advisories/2009/1886 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5963 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 26%CPEs: 10EXPL: 0

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DirectX Size Validation Vulnerability." EL QuickTime Movie Parser Filter en quartz.dll en DirectShow en Microsoft DirectX v7.0 a la v9.0c sobre Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2, no valida adecuadamente el tamaño sin especificar de los campos en los archivos "Quicktime media", lo que permite a atacantes remotos ejecutar código de su elección a través de un archivo manipulado, también conocido como "Vulnerabilidad de validación de tamaño en DirectX". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must visit a malicious page or open a malicious video file. The specific flaw exists within the parsing of the length records of certain QuickTime atoms. The application implicitly trusts the length during a transformation which will lead to memory corruption and can be leveraged to execute arbitrary code under the context of the current user. • http://osvdb.org/55845 http://www.us-cert.gov/cas/techalerts/TA09-195A.html http://www.vupen.com/english/advisories/2009/1886 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6341 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 66%CPEs: 22EXPL: 0

Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability." Vulnerailidad sin especificar en el filtro QuickTime Movie Parser en quartz.dll en DirectShow en Microsoft DirectX v7.0 hasta v9.0c en Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2 permite a atacantes remotos ejecutar código de su elección a través de un fichero multimedia QuickTime manipulado, como se ha explotado libremente en Mayo de 2009. • http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx http://isc.sans.org/diary.html?storyid=6481 http://osvdb.org/54797 http://secunia.com/advisories/35268 http://www.microsoft.com/technet/security/advisory/971778.mspx http://www.securityfocus.com/bid/35139 http://www.securitytracker.com/id?1022299 http://www.us •

CVSS: 9.3EPSS: 89%CPEs: 20EXPL: 0

Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability." Microsoft DirectX 8.1 a 9.0c, y DirectX en Microsoft XP SP2 y SP3, Server 2003 SP1 y SP2, Vista Gold y SP1, y Server 2008 no realiza adecuadamente la comprobación de errores MJPEG lo cual podría permitir a usuarios remotos ejecutar código de su elección a través de una cadena de datos MJPEG manipulada en un archivo (1) AVI o (2) ASF, también conocida como la "Vulnerabilidad del decodificador MJPEG" • http://marc.info/?l=bugtraq&m=121380194923597&w=2 http://secunia.com/advisories/30579 http://securitytracker.com/id?1020222 http://www.securityfocus.com/bid/29581 http://www.us-cert.gov/cas/techalerts/TA08-162B.html http://www.vupen.com/english/advisories/2008/1780 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5236 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 91%CPEs: 20EXPL: 0

Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." Desbordamiento de búfer basado en pila en Microsoft DirectX 7.0 y 8.1 o en Windows 2000 SP4 permite a atacantes remotos ejecutar código de su elección a través de un archivo Synchronized Accessible Media Interchange (SAMI) con parámetros manipulados para una variable Class Name, también conocida como la "Vulnerabilidad SAMI Format Parsing" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of SAMI files. When handling the properties of a "Class Name" variable a lack of bounds checking can result in a stack overflow. Successful exploitation can lead to remote code execution under the credentials of the logged in user. • http://marc.info/?l=bugtraq&m=121380194923597&w=2 http://secunia.com/advisories/30579 http://securityreason.com/securityalert/3937 http://securitytracker.com/id?1020223 http://www.securityfocus.com/archive/1/493250/100/0/threaded http://www.securityfocus.com/bid/29578 http://www.us-cert.gov/cas/techalerts/TA08-162B.html http://www.vupen.com/english/advisories/2008/1780 http://www.zerodayinitiative.com/advisories/ZDI-08-040 https://docs.microsoft.com/en-us/security-updates&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •