CVE-2009-1538

The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data values, which allows remote attackers to execute...

CVE-2009-1539

CVE-2009-1539 concerns a DirectShow DirectX/Quartz component (quartz.dll) in Windows 2000 SP4, XP SP2/SP3, and Server 2003 SP2. The QuickTime Movie Parser Filter fails to validate certain size fields in QuickTime media files, enabling remote code execution via a crafted file or streaming content....

Microsoft DirectShow Remote Code Execution Vulnerability (961373)

This host is missing a critical security update according to Microsoft Bulletin MS09-028. OpenVAS Vulnerability Test $Id: secpodms09-028.nasl 5363 2017-02-20 13:07:22Z cfi $ Microsoft DirectShow Remote Code Execution Vulnerability 971633 Authors: Nikita MR Copyright c 2009 SecPod,...

Microsoft DirectShow Remote Code Execution Vulnerability (961373)

This host is missing a critical security update according to Microsoft Bulletin MS09-028. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Inside Microsoft's July Security Patch Batch

Microsoft released six security bulletins today — three rated Critical and three rated Important. Two of the issues are being actively exploited on the Internet and four of the issues are client-side vulnerabilities, which means the exploit can only occur if a user visits an evil website or opens...

Microsoft Plugs Critical Windows, IE Vulnerabilities

Microsoft today released six bulletins with fixes for at least nine documented security vulnerabilities in a range of products that put users at risk of malicious hacker attacks. At least two of the vulnerabilities are currently being attacked in the wild so it’s imperative that Windows users and...

Microsoft DirectShow Pointer Validation Remote Code Execution (MS09-028; CVE-2009-1538)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The vulnerability is due to an error in the Microsoft DirectShow component that fails to properly validate certain values when updating ...

Microsoft DirectShow Size Validation Remote Code Execution (MS09-028; CVE-2009-1539)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The vulnerability is due to an error in the Microsoft DirectShow component that fails to properly validate certain size fields within...

Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must visit a malicious page or open a malicious video file. The specific flaw exists within the parsing of the length records of...

TPTI-09-05: Microsoft DirectShow QuickTime Atom Parsing Memory Corruption Vulnerability

TPTI-09-05: Microsoft DirectShow QuickTime Atom Parsing Memory Corruption Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-05 July 14, 2009 -- CVE ID: CVE-2009-1539 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Serv...

Microsoft DirectShow multiple security vulnerabilities

Multiple DoS conditions and memory corruptions on Apple QuickTime formats processing...

ZDI-09-045: Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability

ZDI-09-045: Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-045 July 14, 2009 -- CVE ID: CVE-2009-1539 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows...

Microsoft Security Bulletin MS09-028 - Critical Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)

Microsoft Security Bulletin MS09-028 - Critical Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution 971633 Published: July 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed vulnerability and two privately reporte...

MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)

The DirectShow component included with the version of Microsoft DirectX installed on the remote host is affected by multiple vulnerabilities that may allow execution of arbitrary code when processing a specially crafted QuickTime media file. C Tenable Network Security, Inc. include'compat.inc'; i...

Apple QuickTime NULL指针引用拒绝服务漏洞

Bugraq ID: 35359 Apple QuickTime是一款流行的媒体播放程序。 Apple QuickTime CFRelease函数存在NULL指针应用问题，远程攻击者可以利用漏洞使应用程序崩溃。 构建恶意WEB页，诱使用户访问可触发此漏洞。 Apple Safari 3.2.3 for Windows Apple Safari 3.2.3 Apple Safari 3.2.2 for Windows Apple Safari 3.1.2 for Windows Apple Safari 3.1.2 Apple Safari 3.1.1 for Windows Apple...

Apple Safari & Quicktime Denial of Service Vulnerability

No description provided by source. Apple Safari & Quicktime Denial of Service Shameless plug : ------------------------------------------------------------------------ You are invited to join the 2009 edition of HACK.LU, a small but concentrated luxemburgish security conference. More information ...

Apple QuickTime CRGN Atom Local Crash Exploit

No description provided by source. 0:000 !exploitable -v HostMachine\HostUser Executing Processor Architecture is x86 Debuggee is in User Mode Debuggee is a live user mode debugging session on the local machine Event Type: Exception Exception Faulting Address: 0x66830f9b First Chance Exception...

[TZO-36-2009] Apple Safari & Quicktime Denial of Service

Apple Safari & Quicktime Denial of Service Shameless plug : ------------------------------------------------------------------------ You are invited to join the 2009 edition of HACK.LU, a small but concentrated luxemburgish security conference. More information : http://www.hack.lu - CFP is open,...

Apple Safari & Quicktime Denial of Service Vulnerability

Exploit for multiple platform in category dos / poc ======================================================== Apple Safari & Quicktime Denial of Service Vulnerability ======================================================== Apple Safari & Quicktime Denial of Service Shameless plug :...

Apple Safari / QuickTime Denial Of Service

Apple Safari & Quicktime Denial of Service Shameless plug : ------------------------------------------------------------------------ You are invited to join the 2009 edition of HACK.LU, a small but concentrated luxemburgish security conference. More information : http://www.hack.lu - CFP is open,...