Microsoft DirectX SAMI parser buffer overflow
Added: 01/22/2008
CVE: CVE-2007-3901
BID: 26789
OSVDB: 39126
Background
DirectX is a feature of the Windows operating system used for streaming media.
Problem
A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Player.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 07-064.
References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632
Limitations
Exploit works on Windows 2000 with DirectX 7.0 (4.07.00.0700) or DirectX 8.1 (4.08.01.0881). Successful exploitation requires a user to open the exploit file in Windows Media Player 6.4.
Platforms
Windows 2000