Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902) |
Informations | |||
---|---|---|---|
Name | MS10-033 | First vendor Publication | 2010-06-08 |
Vendor | Microsoft | Last vendor Modification | 2010-06-23 |
Severity (Vendor) | Critical | Revision | 1.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.3 (June 23, 2010): Corrected the verification registry keys for Quartz.dll (DirectShow), Asycfilt.dll (COM component), and Windows Media Format Runtime 9.5 on Windows XP Professional x64 Edition Service Pack 2.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Windows. These vulnerabilities could allow remote code execution if a user opens a specially crafted media file or receives specially crafted streaming content from a Web site or any application that delivers Web content. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS10-033.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6641 | |||
Oval ID: | oval:org.mitre.oval:def:6641 | ||
Title: | MJPEG Media Decompression Vulnerability | ||
Description: | Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1880 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Quartz.dll (DirectShow) |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7517 | |||
Oval ID: | oval:org.mitre.oval:def:7517 | ||
Title: | Media Decompression Vulnerability | ||
Description: | Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-1879 | Version: | 15 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Format Runtime 11 Quartz.dll (DirectShow) |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 2 | |
Application | 4 |
OpenVAS Exploits
Date | Description |
---|---|
2010-06-09 | Name : Microsoft Media Decompression Remote Code Execution Vulnerability (979902) File : nvt/secpod_ms10-033.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
65222 | Microsoft Windows MJPEG Media Decompression Unspecified Remote Code Execution Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a MJPEG video file containing crafted compression data. No further details have been provided. |
65221 | Microsoft Windows Media Decompression Unspecified Remote Code Execution Microsoft Windows contains a flaw that may allow a context-dependent attacker to execute arbitrary code with a media file containing crafted compression data. No further details have been provided. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2010-06-10 | IAVM : 2010-A-0078 - Multiple Vulnerabilities in Microsoft Windows Severity : Category II - VMSKEY : V0024371 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-07-27 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 43336 - Revision : 1 - Type : FILE-MULTIMEDIA |
2017-07-27 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 43335 - Revision : 1 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti... RuleID : 19146 - Revision : 16 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows Media Player JPG header record mismatch memory corruption a... RuleID : 19143 - Revision : 16 - Type : FILE-MULTIMEDIA |
2014-01-10 | Microsoft Windows DirectX quartz.dll MJPEG content processing memory corrupti... RuleID : 16661 - Revision : 20 - Type : FILE-MULTIMEDIA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-06-09 | Name : Opening a specially crafted media file can result in arbitrary code execution. File : smb_nt_ms10-033.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:46:33 |
|
2014-01-19 21:30:28 |
|
2013-11-11 12:41:17 |
|
2013-05-11 00:49:38 |
|