Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution
Information
Severity
Severity
Critical
Family
Family
Windows : Microsoft Bulletins
CVSSv2 Base
CVSSv2 Base
9.3
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
14 years ago
Modified
Modified
4 years ago
Summary
This host is installed with Microsoft DirectShow and is prone to remote code execution vulnerability. This NVT has been replaced by OID:1.3.6.1.4.1.25623.1.0.900588.
Insight
Insight
Microsoft DirectShow fails to handle supported QuickTime format files. This could allow code execution if a user opened a specially crafted QuickTime media file when a user is logged on with administrative user rights.
Affected Software
Affected Software
DirectX 7.0 8.1 and 9.0* on Microsoft Windows 2K DirectX 9.0 on Microsoft Windows XP and 2K3
Solution
Solution
The vendor has released updates. Please see the references for more information.