Описание
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:microsoft:windows_media_format_runtime:9:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:a:microsoft:windows_media_encoder:9:-:x64:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_encoder:9:-:x86:*:*:*:*:*
EPSS
Процентиль: 98%
0.57576
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."
EPSS
Процентиль: 98%
0.57576
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94