Security Advisory SA28010 - Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities

Overview

Advisories

Research

Forums

Create Profile

Our Commitment

Database

Advisories by Product

Advisories by Vendor

Terminology

Report Vulnerability

Insecure Library Loading

Secunia Advisory SA28010

Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities

Secunia Advisory

SA28010

Release Date

2007-12-11

Last Update

2007-12-17

Popularity

18,842 views

Comments

0 comments

Criticality level

Highly critical

Impact

System access

Where

From remote

Authentication level

This information is available to Secunia VIM customers

Report reliability

This information is available to Secunia VIM customers

Solution Status

Vendor Patch

Secunia PoC

Available in Customer Area

Secunia analysis

Available in Customer Area

3rd party PoC/exploit

Link available in Customer Area

Systems affected

This information is available to Secunia VIM customers

Approve distribution

This information is available to Secunia VIM customers

Remediation status

Secunia CSI, Secunia PSI

Automated scanning

Secunia CSI, Secunia PSI

Operating System

Microsoft Windows 2000 Advanced Server

Microsoft Windows 2000 Datacenter Server

Microsoft Windows 2000 Professional

Microsoft Windows 2000 Server

Microsoft Windows Server 2003 Datacenter Edition

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Web Edition

Microsoft Windows Storage Server 2003

Microsoft Windows Vista

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional

Software:

Microsoft DirectX 10.x

Microsoft DirectX 7.x

Microsoft DirectX 8.x

Microsoft DirectX 9.x

Secunia CVSS Score

This information is available to Secunia VIM Customers

CVE Reference(s)

CVE-2007-3895 CVSS score available to Secunia VIM customers
CVE-2007-3901 CVSS score available to Secunia VIM customers

Description

Two vulnerabilities have been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system.

1) A boundary error in quartz.dll when parsing SAMI (Synchronized Accessible Media Interchange) files can be exploited to cause a stack-based buffer overflow when opening a specially crafted file.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in DirectX 7.0 and 8.1. Later versions are not affected.

2) An error within the DirectShow technology when parsing AVI and WAV files can be exploited to execute arbitrary code on a user's system when e.g. visiting a malicious website.

The vulnerability has been reported in DirectX 7.0 through 10.0.

Solution
Apply patches.
Further details available to Secunia VIM customers

Provided and/or discovered by
1) Jun Mao, VeriSign iDefense Labs.
2) The vendor credits Peter Winter-Smith, NGSSoftware.

Changelog
Further details available to Secunia VIM customers

Original Advisory
MS07-064 (KB941568):
http://www.microsoft.com/technet/security/Bulletin/MS07-064.mspx

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632

Other references
Further details available to Secunia VIM customers

Alternate/detailed remediation
Further details available in Customer Area

Deep Links
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities

No posts yet

Secunia Advisory SA28010

Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities

Do you have additional information related to this advisory?

You must be logged in to post a comment.

Secunia Customer Login

Not a customer already?