CVE-2010-1879

Published Jun 8, 2010

Last updated 6 years ago

CVSS info 9.3

Overview

Description: Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2936E9C2-65E6-4D26-A277-FF2AE13A3FEC"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2F096A3-DD19-4D54-94F4-027DBDF1A705"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70A8E96E-F752-43D2-83C3-877DE1042B80"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44C68B75-2B7A-450B-BA1B-03E77E03B59B"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0FD41070-7ED7-41D6-AF81-C038A8DB3C0D"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6DBB016-22A2-4B12-A1A4-DEE8ABF14B9B"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:9.5:*:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87AA5126-90FF-40F5-8664-E8260C2C8CF5"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_format_runtime:11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61AAD264-CC98-4FB7-BDDD-6920D4AD1B5D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_encoder:9:-:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "609E859B-88D6-4CC3-8F49-F09884643955"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:windows_media_encoder:9:-:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AEE67A7-C46C-4DAC-BE3A-66DF96617BFF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References