Remote Code Execution Vulnerability in Microsoft Windows Media Compression
CVE-2010-1880

Currently unrated

Key Information:

Vendor: Microsoft
Status: Directx
Vendor: CVE Published:; 8 June 2010

Summary

An unspecified vulnerability exists in Quartz.dll for DirectShow on various versions of Microsoft Windows. This flaw allows remote attackers to execute arbitrary code by exploiting crafted media files that contain specially formatted compression data. Attackers can target systems running on legacy Windows operating systems, including Windows 2000, XP, and Server editions. Proper security measures must be implemented to mitigate potential risks associated with this vulnerability, especially in environments that still utilize affected Windows versions.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://osvdb.org/65222

vdb-entryx_refsource_OSVDB

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 8, 2010
Vulnerability Reserved
May 11, 2010