MS.DirectX.DirectShow.WAV.And.AVI.File.Parse.Buffer.Overflow
Description
This indicates a possible attempt to exploit a vulnerability in Microsoft Windows DirectX.
The vulnerability is caused by a buffer overflow that occurs when DirectX handles malformed WAV format files. It allows remote attackers to execute arbitrary code by tricking a user into opening a malicious wav file.
Affected Products
DirectX 8.0 on Microsoft Windows 2000 Service Pack 4
DirectX 9.0 on Microsoft Windows 2000 Service Pack 4
DirectShow on Windows 2000 Service Pack 4
DirectShow on Windows XP Service Pack 2
DirectShow on Windows XP Professional x64 Edition
DirectShow on Windows XP Professional x64 Edition Service Pack 2
DirectShow on Windows Server 2003 Service Pack 1
DirectShow on Windows Server 2003 Service Pack 2
DirectShow on Windows Server 2003 with SP1 for Itanium-based Systems
DirectShow on Windows Server 2003 with SP2 for Itanium-based Systems
DirectShow on Windows Server 2003 x64 Edition
DirectShow on Windows Server 2003 x64 Edition Service Pack 2
DirectShow on Windows Vista
DirectShow on Windows Vista x64 Edition
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workground.
http://www.microsoft.com/technet/security/Bulletin/ms07-064.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-10-29 | 16.952 | Name:MS. Windows. Directshow. WAV. And. AVI. File. Parse. Buffer. Overflow:MS. DirectX. DirectShow. WAV. And. AVI. File. Parse. Buffer. Overflow |