SUSE SLED12 / SLES12 Security Update : gstreamer-plugins-base (SUSE-SU-2017:1041-1)

This update for gstreamer-plugins-base fixes the following security issues : - A crafted AVI file could have caused a floating point exception leading to DoS bsc1024076, CVE-2017-5837, bsc1024079, CVE-2017-5844 - A crafted AVI file could have caused a stack overflow leading to DoS bsc1024047,...

Stack overflow

Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange SAMI file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."...

CVE-2008-1444

Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange SAMI file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."...

CVE-2008-1444

CVE-2008-1444 is a DirectX SAMI Format Parsing Vulnerability affecting Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4. The issue is a stack-based buffer overflow in the SAMI file parser (Class Name parameter) that can enable remote code execution when a user opens a crafted SAMI file. OpenVAS ...

Microsoft DirectX SAMI文件及MJPEG视频流解析栈溢出漏洞（MS08-032）

BUGTRAQ ID: 29581,29578 CVECAN ID: CVE-2008-0011,CVE-2008-1444 Microsoft DirectX是Windows操作系统中的一项功能，流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 DirectX在解析SAMI文件中的Class Name变量属性参数时存在栈溢出漏洞，Windows MJPEG Codec在解析ASF或AVI媒体文件中内嵌的MJPEG音频流时存在另一个栈溢出漏洞。如果用户受骗打开或预览了恶意的媒体文件的话，就可以触发这些溢出，导致执行任意指令。 Microsoft DirectX 9.0...

ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability

ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-040 -- CVE ID: CVE-2008-1444 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 SP4 -- TippingPointTM IPS Customer Protection:...

Microsoft DirectX SAMI File Parsing Stack Based Buffer Overflow Vulnerability

Description Microsoft DirectX is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability occurs when handling malformed SAMI files. Successfully exploiting this issue allows remote attackers to execute...

Microsoft DirectX SAMI parser buffer overflow

Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...

Microsoft DirectX SAMI File Parsing Remote Stack Overflow Exploit

No description provided by source. !/usr/bin/python Bug discovered by Jun Mao of VeriSign iDefense http://www.securityfocus.com/bid/26789 CVE-2007-3901 Coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Tested on: Windows 2000 SP4 English, DirectX 7.0 4.07.00.0700...

Microsoft DirectX SAMI File Parsing - Remote Stack Overflow

Microsoft DirectX SAMI File Parsing - Remote Stack Overflow !/usr/bin/python Bug discovered by Jun Mao of VeriSign iDefense https://www.securityfocus.com/bid/26789 CVE-2007-3901 Coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Tested on: Windows 2000 SP4 English...

Microsoft DirectX SAMI File Parsing Code Execution (MS07-064; CVE-2007-3901)

Microsoft DirectX is a set of libraries that aim for accelerated video and audio experience on Microsoft Windows operating system. DirectX can parse various file formats which include SAMI files. Synchronized Accessible Media Interchange SAMI files are text files that contain the text strings use...

Microsoft DirectX SAMI及WAV/AVI文件解析远程代码执行漏洞（MS07-064）

BUGTRAQ ID: 26804,26789 CVECAN ID: CVE-2007-3901,CVE-2007-3895 Microsoft DirectX是Windows操作系统中的一项功能，流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 Microsoft DirectX处理畸形格式的媒体文件时存在漏洞，本地攻击者可能利用此漏洞提升自己的权限。 集成DirectX技术的Microsoft DirectShow没有对Synchronized Accessible Media...