Design/Logic Flaw

2013-02-1312:04:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.913 High

EPSS

Percentile

98.9%

JSON

Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via crafted media content in (1) a media file, (2) a media stream, or (3) a Microsoft Office document, aka “Media Decompression Vulnerability.”

CPENameOperatorVersion
windows_xpeq sp2x64

CPE	Name	Operator	Version
	windows_xp	eq	sp2x64

References

www.us-cert.gov/cas/techalerts/TA13-043B.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-011

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15873