----------------------------------------------------------------------

TITLE:
Microsoft DirectShow AVI File Parsing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA38511

VERIFY ADVISORY:
http://secunia.com/advisories/38511/

DESCRIPTION:
A vulnerability has been reported in Microsoft DirectX, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused by an error when parsing AVI files and can
be exploited to cause a heap-based buffer overflow.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Apply patches.

-- Windows 2000 SP4 --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=ba110440-10ce-40a0-884a-8b9afd45a3e3

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=16787c93-2c95-4c13-8492-be1db9d18146

Quartz in DirectX 9.0:
http://www.microsoft.com/downloads/details.aspx?familyid=59a8bc19-02bb-4800-bac1-464f59e1cb7b

-- Windows XP SP2/SP3 --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=a9beb2bd-e5f6-43f9-bbcc-a2afee5e5ceb

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=7ab53be3-3f42-4e61-a2bc-3ed41d8736ff

-- Windows XP Professional x64 Edition SP2 --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=dedc3010-a989-45f7-b9d4-f7079db3e572

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=7543e819-cd36-4e89-9850-60f00c50999d

-- Windows Server 2003 SP2 --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=cc5150d7-070e-4a87-9c02-d050a8cb2204

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=983c5484-6321-4765-97ec-8d42d42d1f70

-- Windows Server 2003 x64 Edition SP2 --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=db13e99b-2f2a-4474-8d6e-271b025bd07f

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=7dc20252-6091-407b-befc-c25e8f5d3fb0

-- Windows Server 2003 with SP2 for Itanium-based Systems --

AVI Filter:
http://www.microsoft.com/downloads/details.aspx?familyid=aec66173-e2c6-4c39-8d60-8fbef6d7b764

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=b1a7533a-913f-4054-b579-489a257bae5f

-- Windows Vista (optionally with SP1/SP2) --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=7130ce0f-df38-4c96-ac54-cdbff35f03e7

-- Windows Vista x64 Edition (optionally with SP1/SP2) --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=de7b7c8f-bd0a-4e13-bd58-d95507a6274b

-- Windows Server 2008 for 32-bit Systems (optionally with SP2) --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=5ac0a948-0bdc-4c10-9b88-16a5d7092e47

-- Windows Server 2008 for x64-based Systems (optionally with SP2) --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=362fea40-649b-4471-aad7-db29edd0ac10

-- Windows Server 2008 for Itanium-based Systems (optionally with SP2) --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=effa638b-cfc1-4777-8219-7b433ed5e717

-- Windows 7 for 32-bit Systems --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=4ec49aa2-81df-4e65-80da-6201394c4089

-- Windows 7 for x64-based Systems --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=a8a2519c-3b89-4987-9473-920adafc78cb

-- Windows Server 2008 R2 for x64-based Systems --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=a9811baa-1500-4c73-940b-57f8c5456891

-- Windows Server 2008 R2 for Itanium-based Systems --

Quartz:
http://www.microsoft.com/downloads/details.aspx?familyid=2ed23bf5-6217-413c-a7ba-eccc82139d68

PROVIDED AND/OR DISCOVERED BY:
The vendor credits ZDI.
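Added verification example (not part of the Secunia advisory or the Microsoft bulletin): a PowerShell check that reports whether the MS10-013 hotfixes named in the original advisory (KB977935, KB977914, KB975560) are recorded as installed on the local host, and which file version of quartz.dll is currently on disk. The KB numbers are taken from this advisory; which of them applies to a given host depends on the OS and component (AVI Filter vs. Quartz) in the SOLUTION list, and the patched file version is not stated here, so the quartz.dll version is reported for comparison against the bulletin rather than judged by the script.

```powershell
# Added example: verify MS10-013 hotfix presence on a Windows host.
# KB IDs are those listed in the advisory's ORIGINAL ADVISORY section;
# only the one matching this OS/component is expected to be present.
$kbIds = @('KB977935', 'KB977914', 'KB975560')

# Get-HotFix reads the Win32_QuickFixEngineering records for the local machine.
$installed = Get-HotFix -ErrorAction SilentlyContinue |
    Where-Object { $kbIds -contains $_.HotFixID }

$anyFound = $false
foreach ($kb in $kbIds) {
    $hit = $installed | Where-Object { $_.HotFixID -eq $kb }
    if ($hit) {
        $anyFound = $true
        '{0}: installed on {1}' -f $kb, $hit.InstalledOn
    } else {
        '{0}: not found' -f $kb
    }
}

if (-not $anyFound) {
    'No MS10-013 hotfix recorded; host may still require the patch for its OS.'
}

# Report the on-disk version of quartz.dll (the DirectShow component the
# advisory names) so it can be compared with the bulletin's file-version table.
$quartz = Join-Path $env:SystemRoot 'System32\quartz.dll'
if (Test-Path $quartz) {
    'quartz.dll file version: {0}' -f (Get-Item $quartz).VersionInfo.FileVersion
} else {
    'quartz.dll not found under System32'
}
```

Run it in an elevated PowerShell session on each host in scope, or wrap it in Invoke-Command for remote hosts. An empty result from Get-HotFix is not proof that the update is missing (the QFE record can be absent after some servicing operations), so treat the quartz.dll version comparison against the bulletin as the authoritative check.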
ORIGINAL ADVISORY:
MS10-013 (KB977935, KB977914, KB975560):
http://www.microsoft.com/technet/security/Bulletin/MS10-013.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help private
users keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------