Vulnerability in N/a
CVE-2007-3895
Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file.
EPSS: 0.629 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 20071211 Multiple Microsoft DirectShow Remote Code Execution Vulnerabilities (x_refsource_ISS, third-party-advisory)
- MS07-064 (x_refsource_MS, vendor-advisory)
- ms-directshow-wav-code-execution(38722) (vdb-entry, x_refsource_XF)
- SSRT071506 (x_refsource_HP, vendor-advisory)
- 1019073 (vdb-entry, x_refsource_SECTRACK)
- 26804 (vdb-entry, x_refsource_BID)
- 28010 (x_refsource_SECUNIA, third-party-advisory)
- oval:org.mitre.oval:def:4287 (x_refsource_OVAL, signature, vdb-entry)
- TA07-345A (x_refsource_CERT, third-party-advisory)
- VU#321233 (x_refsource_CERT-VN, third-party-advisory)