Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft DirectShow memory corruption
Published:14.04.2009
Source:
SecurityVulns ID:9836
Type:library
Threat Level:
7/10
Description:Memory corruption on Motion JPEG files decompression.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
CVE:CVE-2009-0084 (Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS09-011 - Critical Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373) (14.04.2009)
Files:Microsoft Security Bulletin MS09-011 - Critical Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod