Vulnerability CVE-2008-0011 - CERT Civis.Net

Vulnerability Name:

CVE-2008-0011 (CCN-39052)

Assigned:

2007-12-13

Published:

2008-06-10

Updated:

2018-10-12

Summary:

Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the "MJPEG Decoder Vulnerability."

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-0011

Source: CCN
Type: HP Security Bulletin HPSBST02344 SSRT080087 rev.1
Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036

Source: HP
Type: Mailing List
HPSBST02344

Source: CCN
Type: SA30579
Microsoft DirectX MJPEG/SAMI File Processing Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
30579

Source: CCN
Type: SECTRACK ID: 1020222
Microsoft DirectX MJPEG Stream Error Handling Bug Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1020222

Source: CCN
Type: ASA-2008-235
MS08-033 Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Source: CCN
Type: NORTEL BULLETIN ID: 2008008897, Rev 1
Nortel Response to Microsoft Security Bulletin MS08-033

Source: CCN
Type: NORTEL BULLETIN ID: 2008008891, Rev 1
Centrex IP Client Manager (CICM) response to Microsoft June security bulletin

Source: CCN
Type: Microsoft Security Bulletin MS13-011
Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)

Source: CCN
Type: Microsoft Security Bulletin MS16-007
Security Update for Microsoft Windows to Address Remote Code Execution (3124901)

Source: CCN
Type: Microsoft Security Bulletin MS16-014
Security update for Microsoft Windows to Address Remote Code Execution (3134228)

Source: CCN
Type: Microsoft Security Bulletin MS16-047
Security Update for SAM and LSAD Remote Protocols (3148527)

Source: CCN
Type: Microsoft Security Bulletin MS16-075
Security Update for Windows SMB Server (3164038)

Source: CCN
Type: Microsoft Security Bulletin MS16-076
Security Update for Netlogon (3167691)

Source: CCN
Type: Microsoft Security Bulletin MS16-101
Security Update for Windows Authentication Methods (3178465)

Source: CCN
Type: Microsoft Security Bulletin MS16-110
Security Update for Windows (3178467)

Source: CCN
Type: Microsoft Security Bulletin MS16-111
Security Update for Windows Kernel (3186973)

Source: CCN
Type: Microsoft Security Bulletin MS16-120
Security Update for Microsoft Graphics Component (3192884)

Source: CCN
Type: Microsoft Security Bulletin MS16-122
Security Update for Microsoft Video Control (3195360)

Source: CCN
Type: Microsoft Security Bulletin MS16-123
Security Update for Kernel-Mode Drivers (3192892)

Source: CCN
Type: Microsoft Security Bulletin MS16-124
Security Update for Windows Registry (3193227)

Source: CCN
Type: Microsoft Security Bulletin MS16-126
Security Update for Microsoft Internet Messaging API (3196067)

Source: CCN
Type: Microsoft Security Bulletin MS16-131
Security Update for Microsoft Video Control (3199151)

Source: CCN
Type: Microsoft Security Bulletin MS16-139
Security Update for Windows Kernel (3199720)

Source: CCN
Type: Microsoft Security Bulletin MS16-155
Security Update for .NET Framework (3205640)

Source: CCN
Type: Microsoft Security Bulletin MS17-006
Cumulative Security Update for Internet Explorer (4013073)

Source: CCN
Type: Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)

Source: CCN
Type: Microsoft Security Bulletin MS08-033
Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)

Source: CCN
Type: Microsoft Security Bulletin MS09-011
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)

Source: CCN
Type: Microsoft Security Bulletin MS09-028
Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)

Source: CCN
Type: Microsoft Security Bulletin MS10-013
Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)

Source: CCN
Type: Microsoft Security Bulletin MS10-033
Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)

Source: CCN
Type: Microsoft Security Bulletin MS10-094
Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961

Source: CCN
Type: Microsoft Security Bulletin MS12-004
Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)

Source: BID
Type: Patch
29581

Source: CCN
Type: BID-29581
Microsoft DirectX MJPEG Video Streaming Stack Based Buffer Overflow Vulnerability

Source: CERT
Type: Third Party Advisory, US Government Resource
TA08-162B

Source: VUPEN
Type: Broken Link
ADV-2008-1780

Source: MS
Type: UNKNOWN
MS08-033

Source: XF
Type: UNKNOWN
multimedia-codec-stack-bo(39052)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5236

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp1:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*

AND

cpe:/a:microsoft:directx:9.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*

AND

cpe:/a:microsoft:directx:7.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:8.1:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:microsoft:windows-nt:2008:*:itanium:*:*:*:*:*

OR cpe:/o:microsoft:windows-nt:2008:*:x32:*:*:*:*:*

OR cpe:/o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:*

AND

cpe:/a:microsoft:directx:10.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:directx:8.1:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:9.0a:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:9.0:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:9.0b:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:9.0c:*:*:*:*:*:*:*

OR cpe:/a:microsoft:directx:10.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:5236	V	MJPEG Decoder Vulnerability	2014-08-18