Oval Definition:oval:org.mitre.oval:def:5963
Revision Date:2013-04-15Version:44
Title:DirectX Pointer Validation Vulnerability
Description:The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 performs updates to pointers without properly validating unspecified data values, which allows remote attackers to execute arbitrary code via a crafted QuickTime media file, aka "DirectX Pointer Validation Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-1538
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):DirectX
Definition Synopsis
  • DirectX 7 on Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND DirectX 7.0x Installed
  • AND the version of Quartz.dll is less than 6.1.9.736
  • OR DirectX 8.1 on Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND DirectX 8.1 Installed
  • AND the version of Quartz.dll is less than 6.3.1.893
  • OR DirectX 9.0 on Windows 2000 SP4
  • Microsoft Windows 2000 SP4 or later is installed
  • AND DirectX 9.0x Installed
  • AND the version of Quartz.dll is less than 6.5.1.911
  • OR DirectX 9.0 on Win XP SP2 x86
  • Microsoft Windows XP (x86) SP2 is installed
  • AND DirectX 9.0x Installed
  • AND the version of Quartz.dll is less than 6.5.2600.3580
  • OR DirectX 9.0 on Win XP SP3 x86
  • Microsoft Windows XP (x86) SP3 is installed
  • AND DirectX 9.0x Installed
  • AND the version of Quartz.dll is less than 6.5.2600.5822
  • OR DirectX 9.0 on Windows XP SP2, Server 2003 SP2
  • Microsoft Windows XP x64 Edition SP2 is installed
  • OR Microsoft Windows Server 2003 SP2 (x64) is installed
  • OR Microsoft Windows Server 2003 SP2 (x86) is installed
  • OR Microsoft Windows Server 2003 (ia64) SP2 is installed
  • AND DirectX 9.0x Installed
  • AND the version of Quartz.dll is less than 6.5.3790.4523
    • BACK