Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-57857
HistoryFeb 12, 2013 - 12:00 a.m.

Microsoft DirectShow CVE-2013-0077 Remote Code Execution Vulnerability

2013-02-1200:00:00
Symantec Security Response
www.symantec.com
21

0.913 High

EPSS

Percentile

98.9%

JSON

Description

Microsoft DirectShow is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectShow. Failed exploit attempts will result in a denial-of-service condition.

Technologies Affected

  • Avaya Aura Conferencing 6.0
  • Avaya Aura Conferencing 6.0 SP1 Standard
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Conferencing 6.0.0 Standard
  • Avaya Aura Conferencing 7.0
  • Avaya Aura Conferencing Standard
  • Avaya CallPilot 4.0
  • Avaya CallPilot 4.0.1
  • Avaya CallPilot 5.0
  • Avaya CallPilot 5.0.1
  • Avaya CallPilot
  • Avaya Communication Server 1000 Telephony Manager 3.0
  • Avaya Communication Server 1000 Telephony Manager 3.0.1
  • Avaya Communication Server 1000 Telephony Manager 4.0
  • Avaya Communication Server 1000 Telephony Manager 4.0.1
  • Avaya Communication Server 1000 Telephony Manager
  • Avaya Meeting Exchange - Client Registration Server 5.0
  • Avaya Meeting Exchange - Client Registration Server 5.0.1
  • Avaya Meeting Exchange - Client Registration Server 5.2
  • Avaya Meeting Exchange - Client Registration Server 5.2.1
  • Avaya Meeting Exchange - Client Registration Server
  • Avaya Meeting Exchange - Recording Server 5.0
  • Avaya Meeting Exchange - Recording Server 5.0.1
  • Avaya Meeting Exchange - Recording Server 5.2
  • Avaya Meeting Exchange - Recording Server 5.2.1
  • Avaya Meeting Exchange - Recording Server
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0
  • Avaya Meeting Exchange - Streaming Server 5.0.1
  • Avaya Meeting Exchange - Streaming Server 5.2
  • Avaya Meeting Exchange - Streaming Server 5.2.1
  • Avaya Meeting Exchange - Streaming Server
  • Avaya Meeting Exchange - Web Conferencing Server 5.0
  • Avaya Meeting Exchange - Web Conferencing Server 5.0.1
  • Avaya Meeting Exchange - Web Conferencing Server 5.2
  • Avaya Meeting Exchange - Web Conferencing Server 5.2.1
  • Avaya Meeting Exchange - Web Conferencing Server
  • Avaya Meeting Exchange - Webportal 5.0
  • Avaya Meeting Exchange - Webportal 5.0.1
  • Avaya Meeting Exchange - Webportal 5.2
  • Avaya Meeting Exchange - Webportal 5.2.1
  • Avaya Meeting Exchange - Webportal 6.0
  • Avaya Messaging Application Server 4
  • Avaya Messaging Application Server 5
  • Avaya Messaging Application Server 5.0
  • Avaya Messaging Application Server 5.0.1
  • Avaya Messaging Application Server 5.2
  • Avaya Messaging Application Server 5.2.1
  • Avaya Messaging Application Server
  • Avaya Messaging Application Server MM 1.1
  • Avaya Messaging Application Server MM 2.0
  • Avaya Messaging Application Server MM 3.0
  • Avaya Messaging Application Server MM 3.1
  • Microsoft Windows Server 2003 Itanium SP2
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 x64 SP2
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Vista Service Pack 2
  • Microsoft Windows Vista x64 Edition Service Pack 2
  • Microsoft Windows XP Professional x64 Edition SP2
  • Microsoft Windows XP Service Pack 3

Recommendations

Run all software as a nonprivileged user with minimal access rights.
To limit the potential damage that a successful exploit may achieve, run all nonadministrative software as a regular user with the least amount of privileges required to successfully operate.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Do not follow links provided by unknown or untrusted sources.
Web users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.

Implement multiple redundant layers of security.
Since this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.

Updates are available. Please see the references or vendor advisory for more information.

Related

cve 1
checkpoint_advisories 2
nvd 1
cvelist 1
nessus 1
openvas 2
prion 1
securityvulns 1
cve
cve
CVE-2013-0077
2013-02-13 12:04:12
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Media Decompression Remote Code Execution(MS13-011; CVE-2013-0077)
2020-07-22 00:00:00
Microsoft Windows Media Decompression Remote Code Execution (MS13-011; CVE-2013-0077)
2013-02-12 00:00:00
nvd
nvd
CVE-2013-0077
2013-02-13 12:04:12
cvelist
cvelist
CVE-2013-0077
2013-02-13 11:00:00
nessus
nessus
MS13-011: Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
2013-02-12 00:00:00
openvas
openvas
Microsoft Windows Media Decompression Remote Code Execution Vulnerability (2780091)
2013-02-13 00:00:00
Microsoft Windows Media Decompression Remote Code Execution Vulnerability (2780091)
2013-02-13 00:00:00
prion
prion
Design/Logic Flaw
2013-02-13 12:04:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2013-03-02 00:00:00

0.913 High

EPSS

Percentile

98.9%

JSON
Related for SMNTC-57857
cve1checkpoint_advisories2nvd1cvelist1nessus1openvas2prion1securityvulns1