Buffer overflow in Microsoft Windows_7

CVE-2010-0250

Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 20…

Vulnerability class: Buffer Overflow

EPSS: 0.711 (98.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_7
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
Microsoft Windows_xp
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

38511 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
secure@microsoft.com (x_refsource_CONFIRM)
20100209 ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability (mailing-list, x_refsource_BUGTRAQ)
38112 (vdb-entry, x_refsource_BID)
TA10-040A (US Government Resource, x_refsource_CERT, third-party-advisory)
secure@microsoft.com (x_refsource_MISC)
MS10-013 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:8064 (signature, x_refsource_OVAL, vdb-entry)