Microsoft Windows DirectX MJPEG decoder code execution

multimedia-codec-stack-bo (39052)

High Risk

Description:

Microsoft Windows DirectX could allow a remote attacker to execute arbitrary code on the system, caused by improper error checking on MJPEG video streams embedded within Audio Video Interleave (AVI) or Advanced Systems Format (ASF) media files. By persuading a victim to open a specially-crafted ASF or AVI, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.

Platforms Affected:

• Microsoft, DirectX 10.0
• Microsoft, DirectX 8.1
• Microsoft, DirectX 9.0
• Microsoft, DirectX 9.0a
• Microsoft, DirectX 9.0b
• Microsoft, DirectX 9.0c

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS08-033. See References.

For other distributions:
Apply the appropriate update for your system. See References.

Consequences:

Gain Access

References:

• HPSBST02344 SSRT080087 rev.1, Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036 at http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01482941.
• Microsoft Security Bulletin MS08-033, Vulnerabilities in DirectX Could Allow Remote Code Execution (951698) at http://www.microsoft.com/technet/security/Bulletin/MS08-033.mspx.
• NORTEL BULLETIN ID: 2008008891, Rev 1, Centrex IP Client Manager (CICM) response to Microsoft June security bulletin at http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=734247.
• NORTEL BULLETIN ID: 2008008897, Rev 1, Nortel Response to Microsoft Security Bulletin MS08-033 at http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=734154.
• ASA-2008-235: MS08-033 Vulnerabilities in DirectX Could Allow Remote Code Execution (951698)
• BID-29581: Microsoft DirectX MJPEG Video Streaming Stack Based Buffer Overflow Vulnerability
• CVE-2008-0011: Microsoft DirectX 8.1 through 9.0c, and DirectX on Microsoft XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, does not properly perform MJPEG error checking, which allows remote attackers to execute arbitrary code via a crafted MJPEG stream in a (1) AVI or (2) ASF file, aka the MJPEG Decoder Vulnerability.
• FrSIRT/ADV-2008-1780: Microsoft Windows DirectX Remote Code Execution (MS08-033)
• SA30579: Microsoft DirectX MJPEG/SAMI File Processing Vulnerabilities
• SECTRACK ID: 1020222: Microsoft DirectX MJPEG Stream Error Handling Bug Lets Remote Users Execute Arbitrary Code

Reported:

Jun 10, 2008

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page