Vulnerability Name: CVE-2009-1539 (CCN-51458)
Assigned: 2009-07-14
Published: 2009-07-14
Updated: 2019-02-26
Summary: The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DirectX Size Validation Vulnerability."
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
    6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-94
Vulnerability Consequences: Gain Access
References:
    Source: MITRE Type: CNA CVE-2009-1539
    Source: CCN Type: TPTI-09-05 Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
    Source: OSVDB Type: UNKNOWN 55845
    Source: CCN Type: ASA-2009-279 MS09-028 Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
    Source: CCN Type: Microsoft Security Bulletin MS13-011 Vulnerability in Media Decompression Could Allow Remote Code Execution (2780091)
    Source: CCN Type: Microsoft Security Bulletin MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
    Source: CCN Type: Microsoft Security Bulletin MS16-014 Security update for Microsoft Windows to Address Remote Code Execution (3134228)
    Source: CCN Type: Microsoft Security Bulletin MS16-047 Security Update for SAM and LSAD Remote Protocols (3148527)
    Source: CCN Type: Microsoft Security Bulletin MS16-075 Security Update for Windows SMB Server (3164038)
    Source: CCN Type: Microsoft Security Bulletin MS16-076 Security Update for Netlogon (3167691)
    Source: CCN Type: Microsoft Security Bulletin MS16-101 Security Update for Windows Authentication Methods (3178465)
    Source: CCN Type: Microsoft Security Bulletin MS16-110 Security Update for Windows (3178467)
    Source: CCN Type: Microsoft Security Bulletin MS16-111 Security Update for Windows Kernel (3186973)
    Source: CCN Type: Microsoft Security Bulletin MS16-120 Security Update for Microsoft Graphics Component (3192884)
    Source: CCN Type: Microsoft Security Bulletin MS16-122 Security Update for Microsoft Video Control (3195360)
    Source: CCN Type: Microsoft Security Bulletin MS16-123 Security Update for Kernel-Mode Drivers (3192892)
    Source: CCN Type: Microsoft Security Bulletin MS16-124 Security Update for Windows Registry (3193227)
    Source: CCN Type: Microsoft Security Bulletin MS16-126 Security Update for Microsoft Internet Messaging API (3196067)
    Source: CCN Type: Microsoft Security Bulletin MS16-131 Security Update for Microsoft Video Control (3199151)
    Source: CCN Type: Microsoft Security Bulletin MS16-139 Security Update for Windows Kernel (3199720)
    Source: CCN Type: Microsoft Security Bulletin MS16-155 Security Update for .NET Framework (3205640)
    Source: CCN Type: Microsoft Security Bulletin MS17-006 Cumulative Security Update for Internet Explorer (4013073)
    Source: CCN Type: Microsoft Security Bulletin MS17-013 Security Update for Microsoft Graphics Component (4013075)
    Source: CCN Type: Microsoft Security Bulletin MS09-028 Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633)
    Source: CCN Type: Microsoft Security Bulletin MS10-013 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935)
    Source: CCN Type: Microsoft Security Bulletin MS10-033 Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)
    Source: CCN Type: Microsoft Security Bulletin MS10-094 Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
    Source: CCN Type: Microsoft Security Bulletin MS12-004 Vulnerabilities in Windows Media Could Allow Remote Code Execution (2636391)
    Source: CCN Type: OSVDB ID: 55845 Microsoft DirectX DirectShow quartz.dll QuickTime NumberOfEntries Field Memory Corruption
    Source: CCN Type: BID-35616 Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
    Source: CERT Type: US Government Resource TA09-195A
    Source: VUPEN Type: UNKNOWN ADV-2009-1886
    Source: MS Type: UNKNOWN MS09-028
    Source: XF Type: UNKNOWN ms-directx-qt-code-execution(51458)
    Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:6341
    Source: CCN Type: ZDI-09-045 Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability