Title: Microsoft DirectX SAMI File Parsing Stack Buffer Overflow Vulnerability
Severity: HIGH
Description:
Microsoft DirectX is a component for Microsoft Windows. Microsoft DirectShow is an integrated component for DirectX that allows users to stream media.
DirectX is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The vulnerability resides in the SAMI parser in the 'quartz.dll' library. Specifically, this issue occurs when Microsoft DirectShow parses the parameters of malformed Synchronized Accessible Media Interchange (SAMI) file types.
An attacker could exploit this issue by enticing an unsuspecting victim to open a malicious SAMI file.
Successfully exploiting this issue will allow the attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may crash the application.
NOTE: Windows Media Player 6.4 on Windows 2000 was previously stated not to be an attack vector. The vendor has corrected this information to state that it is a possible attack vector.
Affected Products:
- Avaya Messaging Application Server
- Avaya Messaging Application Server MM 1.1
- Avaya Messaging Application Server MM 2.0
- Avaya Messaging Application Server MM 3.0
- Avaya Messaging Application Server MM 3.1
- HP Storage Management Appliance 2.1
- HP Storage Management Appliance I
- HP Storage Management Appliance II
- HP Storage Management Appliance III
- Microsoft DirectX 7.0.0
- Microsoft DirectX 8.1
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Advanced Server SP1
- Microsoft Windows 2000 Advanced Server SP2
- Microsoft Windows 2000 Advanced Server SP3
- Microsoft Windows 2000 Advanced Server SP4
- Microsoft Windows 2000 Datacenter Server
- Microsoft Windows 2000 Datacenter Server SP1
- Microsoft Windows 2000 Datacenter Server SP2
- Microsoft Windows 2000 Datacenter Server SP3
- Microsoft Windows 2000 Datacenter Server SP4
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP4
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Server SP1
- Microsoft Windows 2000 Server SP2
- Microsoft Windows 2000 Server SP3
- Microsoft Windows 2000 Server SP4
- Nortel Networks CallPilot 1002rp
- Nortel Networks CallPilot 200i
- Nortel Networks CallPilot 201i
- Nortel Networks CallPilot 702t
- Nortel Networks CallPilot 703t
- Nortel Networks Centrex IP Client Manager 10.0
- Nortel Networks Centrex IP Client Manager 9.0
References:
- Avaya: ASA-2007-514 - MS07-064 Vulnerabilities in DirectX Could Allow Remote Code Execu
- Microsoft: Microsoft DirectX Homepage
- Microsoft: Microsoft Security Bulletin MS07-064
- Nortel Networks: Centrex IP Client Manager (CICM) response to Microsoft December security bulleti
- Nortel Networks: Nortel Response to Microsoft Security Bulletin MS07-064
- US-CERT: Vulnerability Note VU#804089 Microsoft DirectX SAMI parsing buffer overflow
- iDefense Labs: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
