Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-0084
HistoryApr 15, 2009 - 8:00 a.m.

CVE-2009-0084

2009-04-1508:00:00
CWE-94
[email protected]
web.nvd.nist.gov
35
cve-2009-0084
directshow
vulnerability
remote code execution
mjpeg
microsoft directx

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.761 High

EPSS

Percentile

98.2%

JSON

Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka β€œMJPEG Decompression Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_2000sp4
AND
microsoftdirectxMatch8.1
Node
microsoftdirectxMatch9.0
OR
microsoftdirectxMatch9.0a
OR
microsoftdirectxMatch9.0b
OR
microsoftdirectxMatch9.0c
AND
microsoftwindows_2000sp4
OR
microsoftwindows_server_2003
OR
microsoftwindows_server_2003sp1
OR
microsoftwindows_server_2003sp1itanium
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_xppro_x64
OR
microsoftwindows_xpsp2
OR
microsoftwindows_xpsp2pro_x64
OR
microsoftwindows_xpsp3

Related

nessus 1
openvas 2
seebug 1
checkpoint_advisories 1
cvelist 1
securityvulns 2
prion 1
nvd 1
nessus
nessus
MS09-011: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
2009-04-15 00:00:00
openvas
openvas
Microsoft DirectShow Remote Code Execution Vulnerability (961373)
2009-04-15 00:00:00
Microsoft DirectShow Remote Code Execution Vulnerability (961373)
2009-04-15 00:00:00
seebug
seebug
Microsoft DirectX MJPEGθ§†ι’‘θ§£η θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS09-011οΌ‰
2009-04-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft DirectShow MJPEG Decompression Remote Code Execution (MS09-011; CVE-2009-0084)
2009-04-14 00:00:00
cvelist
cvelist
CVE-2009-0084
2009-04-15 03:49:00
securityvulns
securityvulns
Microsoft DirectShow memory corruption
2009-04-14 00:00:00
Microsoft Security Bulletin MS09-011 - Critical Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373)
2009-04-14 00:00:00
prion
prion
Design/Logic Flaw
2009-04-15 08:00:00
nvd
nvd
CVE-2009-0084
2009-04-15 08:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.761 High

EPSS

Percentile

98.2%

JSON
Related for CVE-2009-0084
nessus1openvas2seebug1checkpoint_advisories1cvelist1securityvulns2prion1nvd1