Buffer Overflow in Microsoft DirectShow Affects DirectX Products
CVE-2007-3895

Currently unrated

Key Information:

Vendor: Microsoft
Status: Directx
Vendor: CVE Published:; 12 December 2007

What is CVE-2007-3895?

A buffer overflow vulnerability exists within Microsoft DirectShow, affecting various versions of DirectX (from 7.0 to 10.0). This flaw allows remote attackers to execute arbitrary code by sending specially crafted WAV or AVI files. Exploiting this vulnerability can lead to unauthorized access and potential system compromise, highlighting the importance of maintaining up-to-date security patches and adopting best practices in file handling.

References

http://www.iss.net/threats/280.html

third-party-advisoryx_refsource_ISS

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://exchange.xforce.ibmcloud.com/vulnerabilities/38722

vdb-entryx_refsource_XF

EPSS Score

71% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2007
Vulnerability Reserved
Jul 19, 2007