NVD

Id
11821  
Name
CVE-2010-0250  
Description
Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-02-10  
Modified Date
2011-01-06  
Seq
2010-0250  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
65122 11821 CVE-2010-0250 oval:org.mitre.oval:def:8064  View
65123 11821 CVE-2010-0250 http://support.avaya.com/css/P8/documents/100074167  View
65124 11821 CVE-2010-0250 MS10-013  View
65125 11821 CVE-2010-0250 20100209 ZDI-10-015: Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability  View
65126 11821 CVE-2010-0250 38112  View
65127 11821 CVE-2010-0250 TA10-040A  View
65128 11821 CVE-2010-0250 http://www.zerodayinitiative.com/advisories/ZDI-10-015/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
35316 JVNDB-2010-001096 Microsoft DirectX の DirectShow におけるヒープベースのバッファオーバーフローの脆弱性 AVI Filter および Quartz で使用される Microsoft DirectX の DirectShow には、任意のコードを実行される脆弱性が存在します。 CVE-2010-0250 42830 CVE-2010-0250 11821 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001096.html 2010-02-09 2010-03-01 View