Executive Summary
Summary | |
---|---|
Title | Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935) |
Informations | |||
---|---|---|---|
Name | MS10-013 | First vendor Publication | 2010-02-09 |
Vendor | Microsoft | Last vendor Modification | 2010-02-10 |
Severity (Vendor) | Critical | Revision | 1.1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.1 (February 10, 2010): Corrected the bulletin replacement for the Quartz (KB975560) update package. Corrected the restart requirements for the update on all platforms except Microsoft Windows 2000 and Windows Server 2008. Changed the Systems Management Server table entries for SMS 2003 with ITMU for Windows 7 and Windows Server 2008 R2. Finally, corrected the verification registry key for all supported x64-based editions of Windows XP. These are informational changes only. There were no changes to the security update files or detection logic.Summary: This security update resolves a privately reported vulnerability in Microsoft DirectShow. The vulnerability could allow remote code execution if a user opened a specially crafted AVI file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-013.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:8064 | |||
Oval ID: | oval:org.mitre.oval:def:8064 | ||
Title: | DirectShow Heap Overflow Vulnerability | ||
Description: | Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-0250 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-02-10 | Name : Microsoft DirectShow Remote Code Execution Vulnerability (977935) File : nvt/secpod_ms10-013.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
62257 | Microsoft Windows DirectShow AVI File Decompression Overflow Windows is prone to an overflow condition. DirectShow fails to properly sanitize user-supplied input resulting in a heap overflow. With a specially crafted AVI file, a context-dependent attacker can potentially cause arbitrary code execution. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-02-18 | IAVM : 2010-A-0025 - Microsoft DirectShow Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0022679 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44306 - Revision : 2 - Type : OS-WINDOWS |
2017-10-10 | Microsoft DirectShow memory corruption attempt RuleID : 44305 - Revision : 2 - Type : OS-WINDOWS |
2014-01-10 | Microsoft DirectShow memory corruption attempt RuleID : 16415 - Revision : 9 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-02-09 | Name : It is possible to execute arbitrary code on the remote Windows host using Dir... File : smb_nt_ms10-013.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:28 |
|
2014-01-19 21:30:26 |
|
2013-11-11 12:41:16 |
|