Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.800104 |
Kategorie: | Windows : Microsoft Bulletins |
Titel: | Vulnerabilities in DirectX Could Allow Remote Code Execution (951698) |
Zusammenfassung: | This host has DirectX installed, which is prone to remote code; execution vulnerabilities. |
Beschreibung: | Summary: This host has DirectX installed, which is prone to remote code execution vulnerabilities. Vulnerability Insight: The flaws are due to - error in the Windows MJPEG Codec when performing error checking on MJPEG video streams embedded in ASF or AVI media files which can be exploited with a specially crafted MJPEG file. - error in the parsing of Class Name variables in Synchronized Accessible Media Interchange (SAMI) files which can be exploited with a specially crafted SAMI file. Vulnerability Impact: Successful exploitation allows remote attackers to execute arbitrary code when a user opens a specially crafted media file. An attacker could take complete control of an affected system. Affected Software/OS: DirectX 7.0, 8.1, 9.0, 9.0a, 9.0b and 9.0c on Microsoft Windows 2000 DirectX 9.0, 9.0a, 9.0b and 9.0c on Microsoft Windows XP and 2003 DirectX 10.0 on Microsoft Windows Vista and 2008 Server Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
Querverweis: |
BugTraq ID: 29581 BugTraq ID: 29578 Common Vulnerability Exposure (CVE) ID: CVE-2008-0011 http://www.securityfocus.com/bid/29581 Cert/CC Advisory: TA08-162B http://www.us-cert.gov/cas/techalerts/TA08-162B.html HPdes Security Advisory: HPSBST02344 http://marc.info/?l=bugtraq&m=121380194923597&w=2 HPdes Security Advisory: SSRT080087 Microsoft Security Bulletin: MS08-033 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5236 http://securitytracker.com/id?1020222 http://secunia.com/advisories/30579 http://www.vupen.com/english/advisories/2008/1780 Common Vulnerability Exposure (CVE) ID: CVE-2008-1444 http://www.securityfocus.com/bid/29578 Bugtraq: 20080610 ZDI-08-040: Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/493250/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-040/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5562 http://securitytracker.com/id?1020223 http://securityreason.com/securityalert/3937 |
Copyright | Copyright (C) 2008 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |