CVE-2009-0084

Currently unrated

Key Information:

Vendor: Microsoft
Status: Directx
Vendor: CVE Published:; 15 April 2009

Summary

Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."

References

http://www.us-cert.gov/cas/techalerts/TA09-104A.html

third-party-advisoryx_refsource_CERT

http://osvdb.org/53632

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/34665

third-party-advisoryx_refsource_SECUNIA

EPSS Score

61% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 15, 2009
Vulnerability Reserved
Jan 8, 2009

Collectors

NVD DatabaseMitre Database