Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.900097
Kategorie:Windows : Microsoft Bulletins
Titel:Microsoft DirectShow RCE Vulnerability
Zusammenfassung:Microsoft DirectShow is prone to a remote code execution (RCE) vulnerability.;; This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.900588.
Beschreibung:Summary:
Microsoft DirectShow is prone to a remote code execution (RCE) vulnerability.

This VT has been replaced by OID:1.3.6.1.4.1.25623.1.0.900588.

Vulnerability Insight:
Microsoft DirectShow fails to handle supported QuickTime format files. This
could allow code execution if a user opened a specially crafted QuickTime
media file when a user is logged on with administrative user rights.

Vulnerability Impact:
Attacker who successfully exploit this flaw could take complete control of
an affected system.

Affected Software/OS:
DirectX 7.0 8.1 and 9.0* on Microsoft Windows 2K

DirectX 9.0 on Microsoft Windows XP and 2K3

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 35139
Common Vulnerability Exposure (CVE) ID: CVE-2009-1537
http://www.securityfocus.com/bid/35139
Cert/CC Advisory: TA09-195A
http://www.us-cert.gov/cas/techalerts/TA09-195A.html
http://isc.sans.org/diary.html?storyid=6481
Microsoft Security Bulletin: MS09-028
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028
http://osvdb.org/54797
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237
http://www.securitytracker.com/id?1022299
http://secunia.com/advisories/35268
http://www.vupen.com/english/advisories/2009/1445
http://www.vupen.com/english/advisories/2009/1886
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.