CVE-2025-21291

Windows Direct Show Remote Code Execution Vulnerability...

PT-2022-2746 · Microsoft · Windows Direct Show +1

Name of the Vulnerable Software and Affected Versions: Windows Direct Show affected versions not specified Description: The issue is related to insufficient input validation in the DirectShow component of Windows operating systems. This can be exploited by a remote attacker to execute arbitrary...

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal

The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS DoH and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...

Windows DirectShow Information Disclosure Vulnerability

An information disclosure vulnerability exists in the way Windows DirectShow handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. In a web-based attack scenario, an attacker could host a website used to...

KLA10988 Information disclosure vulnerability in Windows DirectShow

An improper objects handling in memory was found in Windows DirectShow. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed website. Original advisories MS17-021 CVE-2017-0042 Related products...

Microsoft Windows Arbitrary Code Execution Vulnerability (CNVD-2016-00255)

Microsoft Windows is a popular operating system. A heap corruption remote code execution vulnerability exists in DirectShow for Microsoft Windows that could allow a remote attacker to crash an application or execute arbitrary code via a constructed file that the user is tricked into parsing...