Lucene search
+L

3 matches found

seebug.org
seebug.org
added 2010/02/25 12:0 a.m.42 views

Microsoft DirectX DirectShow AVI文件解析堆溢出漏洞(MS10-013)

BUGTRAQ ID: 38112 CVE ID: CVE-2010-0250 Microsoft DirectX是Windows操作系统中的一项功能,流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 DirectX的DirectShow组件(quartz.dll)在解析AVI文件中的特定类型视频流时没有正确的使用分配所用的长度字段,导致分配了不充分的缓冲区。用户打开特制的AVI文件就可以触发堆溢出,导致执行任意代码。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2...

9.3CVSS2.3AI score0.31862EPSS
Exploits1
CVE
CVE
added 2010/02/10 6:0 p.m.82 views

CVE-2010-0250

CVE-2010-0250 is a DirectShow/Quartz heap overflow vulnerability in Microsoft DirectX where the AVI/QUartz AVI parser misallocates a buffer when processing a crafted AVI file’s length field, enabling remote code execution. Affected components include DirectShow (AVI Filter) and Quartz, with impac...

9.3CVSS7.9AI score0.31862EPSS
Exploits1References8Affected Software4
securityvulns
securityvulns
added 2010/02/10 12:0 a.m.68 views

ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability

ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-015 February 9, 2010 -- CVE ID: CVE-2010-0250 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows XP Microsoft Windows Vista --...

9.3CVSS1.3AI score0.31862EPSS
Exploits1
Rows per page
Query Builder