oval:org.mitre.oval:def:1434

Definition Id: oval:org.mitre.oval:def:1434

Oval ID:	oval:org.mitre.oval:def:1434
Title:	WinXP,SP1 DirectShow Malicious avi File Vulnerability
Description:	QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2005-2128	Version:	6
Platform(s):	Microsoft Windows XP	Product(s):	DirectX
Definition Synopsis:
DirectX packaged with Windows XP,SP1 has DirectShow Vulnerability Windows XP is installed AND Win2K/XP/2003 service pack 1 is installed AND the version of Quartz.dll is greater than or equal to 6.4.2600.0 AND the version of Quartz.dll is less than 6.4.2600.1738 OR Standalone DirectX 8 has DirectShow Vulnerability DirectX 8.x Installed AND the version of Quartz.dll is less than 6.3.1.889 OR Standalone DirectX 9 has DirectShow Vulnerability DirectX 9.x Installed AND the version of Quartz.dll is less than 6.3.1.889