VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis
[ about VRDA Feed | JPCERT/CC



 
Vulnerability Analysis Result (Revision No : 1) [ Download XML
CVE-2010-1880
directx: Unspecified vulnerability in Quartz.dll for DirectS...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1880

Original

Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1, and Server 2008 allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "MJPEG Media Decompression Vulnerability."

Translation   (Show)





About This Analysis Information
Analysis Information Provider:
NIST NVD
First Published:
2010-06-08
Source Information Category:
Advisory, Alert
Last Updated:
2010-06-09




Affected Product Tags
cpe:/a:microsoft:directx:9.0
cpe:/a:microsoft:directx:9.0a
cpe:/a:microsoft:directx:9.0b
cpe:/a:microsoft:directx:9.0c
cpe:/o:microsoft:windows_2000::sp4
cpe:/o:microsoft:windows_2003_server::sp2
cpe:/o:microsoft:windows_2003_server::sp2:x64
cpe:/o:microsoft:windows_server_2008:::itanium
cpe:/o:microsoft:windows_server_2008:::x32
cpe:/o:microsoft:windows_server_2008:::x64
cpe:/o:microsoft:windows_vista:-:sp1
cpe:/o:microsoft:windows_vista::sp1
cpe:/o:microsoft:windows_vista::sp1:x64
cpe:/o:microsoft:windows_xp:-:sp2:x64
cpe:/o:microsoft:windows_xp::sp2
cpe:/o:microsoft:windows_xp::sp3
 


Vulnerability Analysis Results
[Access Vector]  [?]
Undefined [?]

Local [?]
Adjacent Network [?]
X Network [?]
[Access Complexit]  [?]
Undefined [?]

High [?]
X Medium [?]
Low [?]
[Authentication]  [?]
Undefined [?]

Multiple [?]
Single [?]
X None [?]
[Confidentiality Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Integrity Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
[Availability Impact]  [?]
Undefined [?]

None [?]
Partial [?]
X Complete [?]
Alternatives




References
TA10-159B




MS MS10-033




Vulnerability Type Code Injection (CWE-94)




Copyright © 2010 JPCERT/CC All Rights Reserved.