CVE-2007-3901

Published Dec 12, 2007

Last updated 6 years ago

CVSS info 8.5

Overview

Description: Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 10
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_edition:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "480D8321-EB2F-4626-A16B-F3C2B771EDB3"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_edition:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0095FE21-F45F-4D50-A22B-6AEF5ED4D691"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "709E6DA0-09F8-4EAB-B1B2-D4D0A7771AC1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web_edition:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E296F83E-39E1-4DA0-A410-DDD17BDB3939"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:professional:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5A2998-AFD9-4AD3-BC47-E653345323AB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:directx:5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "194DA1C4-F08C-4219-87DC-BC6B389372EB"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4A0B238-DEC5-4DFC-AB8D-2F78E03B0589"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BFE77B9-6C2A-45D3-A4B5-2679CC4B0DA2"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "459D411C-4994-41DB-9594-F460EADA3351"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F01F75D-4C20-4DA2-BD3B-4A3BD466F773"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D1C38DA-F7C2-4291-8384-E822BAE7F25D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB69C888-AAE7-4472-B2D3-76CEFFF48D7E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FF0278F-AFA7-48BA-8762-5569EC174AEE"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD4C6E3F-58B3-4871-AC3A-DC54F9031C1A"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BBFBDA6-90F5-4A8A-BD47-2DCA5CA8D5AA"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A84968C5-EFBE-4BC6-8A3B-0110A65EC97E"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2F096A3-DD19-4D54-94F4-027DBDF1A705"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70A8E96E-F752-43D2-83C3-877DE1042B80"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44C68B75-2B7A-450B-BA1B-03E77E03B59B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A53A6AC-74B0-4DB3-B94D-06FB969AE83C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References