Lucene search

PRIOn knowledge basePRION:CVE-2008-0011

HistoryJun 12, 2008 - 2:32 a.m.

Spoofing

2008-06-1202:32:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.91 High

EPSS

Percentile

98.9%

JSON

Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the “MJPEG Decoder Vulnerability.”

CPENameOperatorVersion
directxeq9.0
directxeq7.0
directxeq8.1
directxeq10.0

Name	Operator	Version
directx	eq	9.0
directx	eq	7.0
directx	eq	8.1
directx	eq	10.0

References

secunia.com/advisories/30579

securitytracker.com/id?1020222

www.securityfocus.com/bid/29581

www.us-cert.gov/cas/techalerts/TA08-162B.html

www.vupen.com/english/advisories/2008/1780

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-033

marc.info/?l=bugtraq&m=121380194923597&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5236