|
Microsoft Windows DirectX Remotely Exploitable Buffer Overflow
|
|
Secunia Advisory:
|
SA9335
|
|
|
Release Date:
|
2003-07-23
|
|
Last Update:
|
2003-08-21
|
|
Popularity:
|
22,603 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98 Second Edition
Microsoft Windows Millenium
Microsoft Windows NT 4.0 Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows NT 4.0 Workstation
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
|
|
| Software: | Microsoft DirectX 5.x
Microsoft DirectX 6.x
Microsoft DirectX 7.x
Microsoft DirectX 8.x
Microsoft DirectX 9.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2003-0346
|
|
Description:
A vulnerability has been identified in DirectX allowing malicious people to gain system access.
The problem is two unchecked buffers in "QUARTZ.DLL" which is part of DirectX which allows malicious people to create a MIDI (audio) file which cause a buffer overflow. This could be exploited to run arbitrary code in the context of the logged in user.
MIDI files may be embedded in HTML documents like web pages and emails.
Solution:
Microsoft DirectX version 9.0b is not vulnerable. It is available for Windows 2000, Windows 98, Windows 98 Second Edition, Windows ME and Windows XP:
http://microsoft.com/downloads/detail...-BAEF-5EAB5C851CF5&displaylang=en
Microsoft DirectX version 9.0b is not available for Windows NT, alternative patches are available:
Windows NT 4.0:
http://microsoft.com/downloads/detail...-A07E-053B72B1C652&displaylang=en
Windows NT 4.0 Terminal Server Edition:
http://microsoft.com/downloads/detail...-8322-BCA4CBD7D7C5&displaylang=en
If you do not wish to upgrade to Microsoft DirectX 9.0b, updates for older versions are available:
Microsoft DirectX 7.0 on Windows 2000:
http://microsoft.com/downloads/detail...-A5A7-9A6DE8EFDB9E&displaylang=en
Microsoft DirectX 8.1 on Windows XP 32-bit Edition:
http://microsoft.com/downloads/detail...-B4B5-62E69A0104CE&displaylang=en
Microsoft DirectX 8.1 on Windows XP 64-bit Edition:
http://microsoft.com/downloads/detail...-8B17-7C1A2139EBDC&displaylang=en
Microsoft DirectX 8.1 on Windows Server 2003 32-bit Edition:
http://microsoft.com/downloads/detail...-9175-BF9CA370279D&displaylang=en
Microsoft DirectX 8.1 on Windows Server 2003 64-bit Edition:
http://microsoft.com/downloads/detail...-8BA4-064575055D86&displaylang=en
Microsoft DirectX 9.0a: All Windows versions:
http://microsoft.com/downloads/detail...-8B4F-AC4F6F66C3A2&displaylang=en
Provided and/or discovered by:
eEye Digital Security
Changelog:
2003-08-21: Microsoft updated links for NT4.0 patches.
Original Advisory:
http://www.microsoft.com/technet/security/bulletin/MS03-030.asp
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
