 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.801710 |
| Kategorie: | Windows : Microsoft Bulletins |
| Titel: | Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) |
| Zusammenfassung: | This host is missing a critical security update according to; Microsoft Bulletin MS07-064. |
| Beschreibung: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS07-064. Vulnerability Insight: The flaw is due to: - A boundary error in quartz.dll when parsing 'SAMI' files which can be exploited to cause a stack-based buffer overflow when opening a specially crafted file. - An error within the DirectShow technology when parsing 'AVI' and 'WAV' files. Vulnerability Impact: Successful exploitation could allow arbitrary code execution and can potentially compromise a user's system. Affected Software/OS: DirectX 7.0, 8.1 and 9.0 on Microsoft Windows 2000 DirectX 9.0 on Microsoft Windows XP and 2003 DirectX 10.0 on Microsoft Windows vista Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Querverweis: |
BugTraq ID: 26789 BugTraq ID: 26804 Common Vulnerability Exposure (CVE) ID: CVE-2007-3901 http://www.securityfocus.com/bid/26789 Cert/CC Advisory: TA07-345A http://www.us-cert.gov/cas/techalerts/TA07-345A.html CERT/CC vulnerability note: VU#804089 http://www.kb.cert.org/vuls/id/804089 https://www.exploit-db.com/exploits/4866 HPdes Security Advisory: HPSBST02299 http://www.securityfocus.com/archive/1/485268/100/0/threaded HPdes Security Advisory: SSRT071506 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632 ISS Security Advisory: 20071211 Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities http://www.iss.net/threats/280.html Microsoft Security Bulletin: MS07-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-064 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4520 http://www.securitytracker.com/id?1019073 http://secunia.com/advisories/28010 http://www.vupen.com/english/advisories/2007/4180 XForce ISS Database: ms-directshow-sami-code-execution(38721) https://exchange.xforce.ibmcloud.com/vulnerabilities/38721 Common Vulnerability Exposure (CVE) ID: CVE-2007-3895 http://www.securityfocus.com/bid/26804 CERT/CC vulnerability note: VU#321233 http://www.kb.cert.org/vuls/id/321233 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4287 XForce ISS Database: ms-directshow-wav-code-execution(38722) https://exchange.xforce.ibmcloud.com/vulnerabilities/38722 |
| Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |