Media Decompression Vulnerability in DirectShow, Windows Media Format Runtime, and Media Encoder
CVE-2010-1879

Currently unrated

Key Information:

Vendor

Microsoft
Status
Directx
Vendor
CVE Published:
8 June 2010

What is CVE-2010-1879?

A vulnerability exists in Quartz.dll used by DirectShow and the Windows Media Format Runtime, along with the Asycfilt.dll COM component. This issue allows remote attackers to execute arbitrary code through specially crafted media files that contain malicious compression data. Such vulnerabilities underline the importance of regular updates and security measures to safeguard systems against potential exploitation.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.us-cert.gov/cas/techalerts/TA10-159B.html
third-party-advisoryx_refsource_CERT

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.