Lucene search
+L

296 matches found

CVE
CVE
added 2014/07/08 10:0 p.m.69 views

CVE-2014-2780

CVE-2014-2780 corresponds to a DirectShow elevation-of-privilege vulnerability in Microsoft Windows (affecting Vista SP2, Server 2008 SP2/R2, Windows 7 SP1, 8, 8.1, and Server 2012). The root cause is an input-validation flaw in DirectShow when processing unserialized Stretch objects, enabling lo...

6.9CVSS6.7AI score0.01768EPSS
Exploits0References3Affected Software6
ThreatPost
ThreatPost
added 2014/07/08 3:23 p.m.10 views

Microsoft July 2014 Patch Tuesday fixes 29 IE Vulnerabilities

Microsoft today issued two critical-, three important-, and one moderate-rated security bulletins in the July edition of its monthly Patch Tuesday release. The updates address 29 security vulnerabilities in the company’s Windows operating system, Internet Explorer browser, and server software. Th...

Exploits0References3
Symantec
Symantec
added 2014/07/08 12:0 a.m.31 views

Microsoft DirectX DirectShow CVE-2014-2780 Local Privilege Escalation Vulnerability

Description Microsoft DirectX DirectShow is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with elevated privileges in the context of the logged-in user. Failed exploit attempts may cause a denial-of-service condition...

6.9CVSS0.3AI score0.01768EPSS
Exploits0References1Affected Software8
Microsoft KB
Microsoft KB
added 2014/07/08 12:0 a.m.87 views

MS14-041: Vulnerability in DirectShow could allow elevation of privilege: July 8, 2014

Resolves a vulnerability in Microsoft Windows that could allow elevation of privilege if an attacker first exploits another vulnerability in a low-integrity process and then uses this vulnerability to execute specially crafted code in the context of the logged-on user.INTRODUCTIONMicrosoft has...

6.9CVSS6.1AI score0.01768EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2014/07/08 12:0 a.m.19 views

MS14-041: Description of the security update for DirectShow systems that do not have the 2919355 update installed: July 8, 2014

None None...

6.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2014/07/08 12:0 a.m.18 views

MS14-041: Description of the security update for DirectShow: July 8, 2014

None None...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/07/08 12:0 a.m.38 views

MS14-041: Vulnerability in Microsoft DirectShow Could Allow Elevation of Privilege (2975681)

The remote Windows host is affected by a vulnerability in Microsoft DirectShow that could allow privilege escalation. Note that this issue can only be exploited if an attacker first successfully exploits another vulnerability in a low integrity process. C Tenable Network Security, Inc...

6.9CVSS5.5AI score0.01768EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Microsoft DirectX DirectShow SAMI Buffer Overflow

No description provided by source. $Id: ms07064sami.rb 10550 2010-10-05 01:05:49Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.59 views

DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)

No description provided by source. Introduction: The Microsoft DirectShow application programming interface API is a media-streaming architecture for Microsoft Windows. Using DirectShow, your applications can perform high-quality video and audio playback or capture. Overview: DirectShow in...

9.3CVSS6.5AI score0.31979EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption

No description provided by source. $Id: msvidctlmpeg2.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score0.76733EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Orb 2.0.01.0049 - 2.54.0018 - DirectShow DoS

No description provided by source. When Orb is first installed it registers several Direct Show filters with the system. When registered these filters are then called whenever a file which has a dependency on such a required filter is accessed. By specially crafting specific headers embedded into...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2014/04/08 12:0 a.m.34 views

Microsoft Windows DirectShow JPEG Double Free (MS14-013; CVE-2014-0301) - ver 2

A double free vulnerability has been reported in Microsoft Windows DirectShow. The vulnerability is due to the way DirectShow handles JPEG images. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted JPEG file...

6.2AI score0.13974EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.33 views

Microsoft DirectShow Crafted MJPEG Stream Handling Code Execution (MS10-033) - Ver2 (CVE-2010-1879)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. Audio Video Interleave AVI is a file type that is used with applications that capture, edit, and play back audio-video sequences. A remo...

9.3CVSS7.5AI score0.20284EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.60 views

Microsoft DirectShow AVI Parser Heap Overflow - Ver2 (CVE-2010-0250)

A buffer overflow vulnerability has been reported in Microsoft DirectShow. The vulnerability is due to the way Microsoft DirectShow component handles specially crafted AVI files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.4AI score0.31862EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2014/03/31 12:0 a.m.49 views

Microsoft DirectShow QuickTime Movie Parser Filter Code Execution - Ver2 (CVE-2009-1537)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. The vulnerability is due to the way Microsof...

9.3CVSS6.2AI score0.51207EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2014/03/27 12:0 a.m.26 views

Microsoft Windows DirectShow JPEG Double Free (MS14-013; CVE-2014-0301)

A double free vulnerability has been reported in Microsoft Windows DirectShow. The vulnerability is due to the way DirectShow handles JPEG images. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted JPEG file...

9.3CVSS6.2AI score0.13974EPSS
Exploits1
securityvulns
securityvulns
added 2014/03/18 12:0 a.m.124 views

Microsoft Windows multiple security vulnerabilities

DirectShow memory corruptions, SilverLight restrictions bypass, SAMR restrictions bypass, kernel mode drivers privilege escalations...

9.3CVSS3.9AI score0.13974EPSS
Exploits5Affected Software1
NVD
NVD
added 2014/03/12 5:15 a.m.33 views

CVE-2014-0301

Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code vi...

9.3CVSS7.4AI score0.13974EPSS
Exploits1References1
Cvelist
Cvelist
added 2014/03/12 1:0 a.m.35 views

CVE-2014-0301

Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code vi...

7.3AI score0.13974EPSS
Exploits1References1
CVE
CVE
added 2014/03/12 1:0 a.m.117 views

CVE-2014-0301

CVE-2014-0301 is a DirectShow memory corruption (double-free) in qedit.dll used when processing JPEGs, enabling remote code execution on Windows XP/Server 2003/Vista/Server 2008/Windows 7/8/8.1/Server 2012. Affected components include DirectShow JPEG handling; root cause is a double-free in JPEG ...

9.3CVSS7.5AI score0.13974EPSS
Exploits1References1Affected Software8
Rows per page
Query Builder