 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.801710 |
| Categoría: | Windows : Microsoft Bulletins |
| Título: | Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) |
| Resumen: | This host is missing a critical security update according to; Microsoft Bulletin MS07-064. |
| Descripción: | Summary: This host is missing a critical security update according to Microsoft Bulletin MS07-064. Vulnerability Insight: The flaw is due to: - A boundary error in quartz.dll when parsing 'SAMI' files which can be exploited to cause a stack-based buffer overflow when opening a specially crafted file. - An error within the DirectShow technology when parsing 'AVI' and 'WAV' files. Vulnerability Impact: Successful exploitation could allow arbitrary code execution and can potentially compromise a user's system. Affected Software/OS: DirectX 7.0, 8.1 and 9.0 on Microsoft Windows 2000 DirectX 9.0 on Microsoft Windows XP and 2003 DirectX 10.0 on Microsoft Windows vista Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-3901 BugTraq ID: 26789 http://www.securityfocus.com/bid/26789 Cert/CC Advisory: TA07-345A http://www.us-cert.gov/cas/techalerts/TA07-345A.html CERT/CC vulnerability note: VU#804089 http://www.kb.cert.org/vuls/id/804089 https://www.exploit-db.com/exploits/4866 HPdes Security Advisory: HPSBST02299 http://www.securityfocus.com/archive/1/485268/100/0/threaded HPdes Security Advisory: SSRT071506 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632 ISS Security Advisory: 20071211 Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities http://www.iss.net/threats/280.html Microsoft Security Bulletin: MS07-064 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-064 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4520 http://www.securitytracker.com/id?1019073 http://secunia.com/advisories/28010 http://www.vupen.com/english/advisories/2007/4180 XForce ISS Database: ms-directshow-sami-code-execution(38721) https://exchange.xforce.ibmcloud.com/vulnerabilities/38721 Common Vulnerability Exposure (CVE) ID: CVE-2007-3895 BugTraq ID: 26804 http://www.securityfocus.com/bid/26804 CERT/CC vulnerability note: VU#321233 http://www.kb.cert.org/vuls/id/321233 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4287 XForce ISS Database: ms-directshow-wav-code-execution(38722) https://exchange.xforce.ibmcloud.com/vulnerabilities/38722 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |