Microsoft Windows DirectX MJPEG/SAMI File Processing Vulnerabilities( 11 June 2008 )
Last Update Date:
28 Jan 2011
Release Date:
11 Jun 2008
4701
Views
RISK: Medium Risk
1. MJPEG Decoder Vulnerability
A remote code execution vulnerability exists in the way that the Windows MJPEG Codec handles MJPEG streams in AVI or ASF files. A user would have to preview or play a specially crafted MJPEG file for the vulnerability to be exploited.
2. SAMI Format Parsing Vulnerability
A remote code execution vulnerability exists in the way DirectX handles supported format files. This vulnerability could allow remote code execution if a user opened a specially crafted file.
Impact
- Remote Code Execution
System / Technologies affected
- DirectX 7.0
- DirectX 8.1
- DirectX 9.0, DirectX 9.0b, or DirectX 9.0c
- DirectX 10.0
- Microsoft Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- DirectX 7.0
- Microsoft Windows 2000 Service Pack 4 - DirectX 8.1
- Microsoft Windows 2000 Service Pack 4 - DirectX 9.0, DirectX 9.0b, or DirectX 9.0c
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2 and Windows XP Service Pack 3
- Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
- Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
- Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems - DirectX 10.0
- Windows Vista
- Windows Vista Service Pack 1
- Windows Vista x64 Edition
- Windows Vista x64 Edition Service Pack 1
- Windows Server 2008 for 32-bit Systems
- Windows Server 2008 for x64-based Systems
- Windows Server 2008 for Itanium-based Systems
Vulnerability Identifier
Source
Related Link
Share with