MJPEG Decoder Flaw in Microsoft DirectX Products
CVE-2008-0011

Currently unrated

Key Information:

Vendor
Microsoft
Status
Directx
Vendor
CVE Published:
12 June 2008

Summary

Microsoft DirectX versions 8.1 through 9.0c are susceptible to a vulnerability that fails to adequately validate MJPEG streams. This inadequacy allows remote attackers to exploit this flaw by crafting malicious MJPEG streams contained within AVI or ASF files. When the affected software processes these streams, it could lead to arbitrary code execution, potentially compromising the security and functionality of the system.

References

http://www.vupen.com/english/advisories/2008/1780
vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://securitytracker.com/id?1020222
vdb-entryx_refsource_SECTRACK

EPSS Score

69% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-0011 : MJPEG Decoder Flaw in Microsoft DirectX Products | SecurityVulnerability.io