Vulnerability Bulletins |
Ejecución remota de código en Microsoft Windows Directshow |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | Microsoft |
| Affected software |
Microsoft DirectX 7.x Microsoft DirectX 8.x Microsoft DirectX 9.x |
Description |
|
|
Se ha descubierto un desbordamiento de búfer en DirectX 7.x, 8.x y 9.x. La vulnerabilidad reside en que la librería "QUARTZ.DLL" que forma parte de DirectShow tiene un error de validación al decodificar películas AVI, lo que puede ser aprovechado para escribir un byte nulo en una posición arbitraria de memoria. Un atacante remoto podría ejecutar código arbitrario en el sistema vulnerable mediante el envío de un fichero AVI especialmente diseñado que la víctima tendría que abrir. |
|
Solution |
|
|
Actualización de software Microsoft Microsoft DirectX 7.0 / Microsoft Windows 2000 SP4 http://www.microsoft.com/downloads/details.aspx?FamilyId=2feffe6c-6c1c-42d9-b15e-f8f8d9c0e60e Microsoft DirectX 8.1 / Microsoft Windows XP SP1 Microsoft DirectX 9.0c / Microsoft Windows XP SP2 http://www.microsoft.com/downloads/details.aspx?FamilyId=2636cfce-49ea-4d06-80ba-21a84f3658a5 Microsoft DirectX 9.0c / Microsoft Windows XP Professional x64 http://www.microsoft.com/downloads/details.aspx?FamilyId=ef614cdc-1db5-4b5c-8440-714941799a9f Microsoft DirectX 8.1 / Microsoft Windows Server 2003 Microsoft DirectX 9.0c / Microsoft Windows Server 2003 SP1 http://www.microsoft.com/downloads/details.aspx?FamilyId=66f44766-3741-4c83-aa5f-1b3498131dd9 Microsoft DirectX 8.1 / Microsoft Windows Server 2003 Itanium Microsoft DirectX 9.0c / Microsoft Windows Server 2003 SP1 Itanium http://www.microsoft.com/downloads/details.aspx?FamilyId=7f8342a0-2462-46d3-9e40-262f72db68a6 Microsoft DirectX 9.0c / Microsoft Windows Server 2003 x64 http://www.microsoft.com/downloads/details.aspx?FamilyId=76c3815c-a966-49eb-825f-1b8454c09bbf Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), Microsoft Windows Millennium Edition (ME) Review the FAQ section of this bulletin for details about these operating systems. Microsoft DirectX 8.0, 8.0a, 8.1, 8.1a, 8.1b, 8.2 / Windows 2000 SP4 http://www.microsoft.com/downloads/details.aspx?FamilyId=FEDC7212-27B8-4993-9965-53E9298DB386 Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c / Windows 2000 SP4 http://www.microsoft.com/downloads/details.aspx?FamilyId=1853AD1F-92C8-4C2B-8F52-9B2FC8DBF769 Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c / Windows XP SP1 http://www.microsoft.com/downloads/details.aspx?FamilyId=36FBED29-E264-4BC7-AB48-2CC4A59ACAA1 Microsoft DirectX 9.0, 9.0a, 9.0b, 9.0c / Windows Server 2003 http://www.microsoft.com/downloads/details.aspx?FamilyId=6083BA2D-4F1A-4900-8F7D-A32CB41CB5FA |
|
Standar resources |
|
| Property | Value |
| CVE | CAN-2005-2128 |
| BID | |
Other resources |
|
|
Microsoft Security Bulletin (MS05-050) http://www.microsoft.com/technet/security/Bulletin/MS05-050.mspx |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2005-10-13 |