Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:DL:DS-ATOM-TABLE

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft DirectShow Remote Code Execution

Release Date

 2009/05/29

Update Number

 1434

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft DirectShow Remote Code Execution


This signature detects attempts to exploit a known vulnerability against Microsoft DirectShow. A successful attack can allow attackers to execute remote code in the context of the current logged in user.

Extended Description

Microsoft DirectX is prone to a remote code-execution vulnerability because the DirectShow component fails to properly handle QuickTime media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

  • Microsoft directx 7.0
  • Microsoft directx 8.1
  • Microsoft directx 8.1 a
  • Microsoft directx 8.1 b
  • Microsoft directx 9.0
  • Microsoft directx 9.0 a
  • Microsoft directx 9.0b
  • Microsoft directx 9.0 c
  • Nortel_networks callpilot 1005R
  • Nortel_networks callpilot 201I
  • Nortel_networks callpilot 202I
  • Nortel_networks callpilot 600R
  • Nortel_networks callpilot 703T
  • Nortel_networks contact_center
  • Nortel_networks contact_center_administration
  • Nortel_networks contact_center_administration_ccma 6.0
  • Nortel_networks contact_center-agent_desktop_display
  • Nortel_networks contact_center-cct 5
  • Nortel_networks contact_center-cct
  • Nortel_networks contact_center-contact_recording
  • Nortel_networks contact_center_express
  • Nortel_networks contact_center_manager
  • Nortel_networks contact_center_manager_server
  • Nortel_networks contact_center_multimedia
  • Nortel_networks contact_center_ncc
  • Nortel_networks contact_center-quality_monitoring
  • Nortel_networks contact_center-tapi_server
  • Nortel_networks contact_center_web_client
  • Nortel_networks self-service
  • Nortel_networks self-service-ccss7
  • Nortel_networks self-service_ccxml
  • Nortel_networks self-service_media_processing_server
  • Nortel_networks self-service_mps_100
  • Nortel_networks self-service_mps_1000
  • Nortel_networks self-service_mps_500
  • Nortel_networks self-service_peri_application
  • Nortel_networks self-service-peri_application_rel 3.0
  • Nortel_networks self-service_peri_workstation
  • Nortel_networks self-service_speech_server
  • Nortel_networks self_service_voicexml
  • Nortel_networks self-service_wvads
  • Nortel_networks symposium_agent
  • Nortel_networks symposium_tapi_service_provider
  • Nortel_networks tapi_desktop

References

  • BugTraq: 35139
  • CVE: CVE-2009-1537

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out