oval:org.mitre.oval:def:1424

Definition Id: oval:org.mitre.oval:def:1424

Oval ID:	oval:org.mitre.oval:def:1424
Title:	Server 2003 DirectShow Malicious avi File Vulnerability
Description:	QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-2128	Version:	6
Platform(s):	Microsoft Windows Server 2003	Product(s):	DirectX
Definition Synopsis:
DirectX packaged with Windows Server 2003 has DirectShow Vulnerability Windows Server 2003 is installed AND NOT Win2K/XP/2003 is patched AND the version of Quartz.dll is greater than or equal to 6.4.3790.0 AND the version of Quartz.dll is less than 6.4.3790.399 OR Standalone DirectX 8 has DirectShow Vulnerability DirectX 8.x Installed AND the version of Quartz.dll is less than 6.3.1.889 OR Standalone DirectX 9 has DirectShow Vulnerability DirectX 9.x Installed AND the version of Quartz.dll is less than 6.3.1.889