ID CVE-2009-1537
Summary Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability." Per: http://www.microsoft.com/technet/security/advisory/971778.mspx "Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 12-10-2018 - 21:51)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-15T04:00:28.654-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Windows XP (x86) SP2 is installed
    oval oval:org.mitre.oval:def:754
  • comment Microsoft Windows XP (x86) SP3 is installed
    oval oval:org.mitre.oval:def:5631
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
description Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability."
family windows
id oval:org.mitre.oval:def:6237
status accepted
submitted 2009-05-29T10:00:00
title DirectX NULL Byte Overwrite Vulnerability
version 69
refmap via4
bid 35139
cert TA09-195A
confirm
misc http://isc.sans.org/diary.html?storyid=6481
ms MS09-028
osvdb 54797
sectrack 1022299
secunia 35268
vupen
  • ADV-2009-1445
  • ADV-2009-1886
saint via4
bid 35139
description Microsoft DirectX DirectShow QuickTime movie parsing vulnerability
id win_patch_directxquicktime
osvdb 54797
title microsoft_directx_quicktime
type client
Last major update 12-10-2018 - 21:51
Published 29-05-2009 - 18:30
Back to Top