CVE-2009-1537
Description
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka DirectX NULL Byte Overwrite Vulnerability.
Risk Information
Base Score
9.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
EPSS Score
Exploitation Probability
68.076
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Security Update for Windows 2000 (KB971633) | Windows |
| Security Update for DirectX 8 for Windows 2000 (KB971633) | Windows |
| Security Update for DirectX 9 for Windows 2000 (KB971633) | Windows |
| Security Update for Windows XP (KB971633) x86 based systems | Windows |
| Security Update for Windows XP (KB971633) x86 based systems for SP3 | Windows |
| Security Update for Windows Server 2003 (KB971633) | Windows |
| Security Update for Windows XP x64 Edition (KB971633) | Windows |
| Security Update for Windows Server 2003 x64 Edition (KB971633) | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234