Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:BE3D6E9D61F79AE695FBFD2A828E7A27
HistoryJan 22, 2008 - 12:00 a.m.

Microsoft DirectX SAMI parser buffer overflow

2008-01-2200:00:00
SAINT Corporation
download.saintcorporation.com
12

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.6%

JSON

Added: 01/22/2008
CVE: CVE-2007-3901
BID: 26789
OSVDB: 39126

Background

DirectX is a feature of the Windows operating system used for streaming media.

Problem

A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Player.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 07-064.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632&gt;

Limitations

Exploit works on Windows 2000 with DirectX 7.0 (4.07.00.0700) or DirectX 8.1 (4.08.01.0881). Successful exploitation requires a user to open the exploit file in Windows Media Player 6.4.

Platforms

Windows 2000

Related

securityvulns 3
packetstorm 2
seebug 2
saint 3
checkpoint_advisories 1
cert 1
exploitpack 1
prion 1
cve 1
exploitdb 1
nessus 1
openvas 2
securityvulns
securityvulns
iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability
2007-12-13 00:00:00
Microsoft Windows DirectX multiple security vulnerabilities
2007-12-13 00:00:00
Microsoft Security Bulletin MS07-064 – Critical Vulnerabilities in DirectX Could Allow Remote Code Execution &#40;941568&#41;
2007-12-12 00:00:00
packetstorm
packetstorm
sami-overflow.txt
2008-01-09 00:00:00
Microsoft DirectX DirectShow SAMI Buffer Overflow
2009-11-26 00:00:00
seebug
seebug
Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit
2008-01-09 00:00:00
Microsoft DirectX SAMI及WAV/AVIζ–‡δ»Άθ§£ζžθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS07-064οΌ‰
2007-12-13 00:00:00
saint
saint
Microsoft DirectX SAMI parser buffer overflow
2008-01-22 00:00:00
Microsoft DirectX SAMI parser buffer overflow
2008-01-22 00:00:00
Microsoft DirectX SAMI parser buffer overflow
2008-01-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft DirectX SAMI File Parsing Code Execution (MS07-064; CVE-2007-3901)
2007-12-17 00:00:00
cert
cert
Microsoft DirectX SAMI parsing buffer overflow
2007-12-14 00:00:00
exploitpack
exploitpack
Microsoft DirectX SAMI File Parsing - Remote Stack Overflow
2008-01-08 00:00:00
prion
prion
Stack overflow
2007-12-12 00:46:00
cve
cve
CVE-2007-3901
2007-12-12 00:46:00
exploitdb
exploitdb
Microsoft DirectX SAMI File Parsing - Remote Stack Overflow
2008-01-08 00:00:00
nessus
nessus
MS07-064: Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
2007-12-11 00:00:00
openvas
openvas
Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
2011-01-14 00:00:00
Vulnerabilities in DirectX Could Allow Remote Code Execution (941568)
2011-01-14 00:00:00

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.6%

JSON
Related for SAINT:BE3D6E9D61F79AE695FBFD2A828E7A27
securityvulns3packetstorm2seebug2saint3checkpoint_advisories1cert1exploitpack1prion1cve1exploitdb1nessus1openvas2