Welcome to TechNet Blogs Sign in | Join | Help

Browse by Tags

All Tags » quartz.dll   (RSS)
Thursday, May 28, 2009 10:21 AM

New vulnerability in quartz.dll Quicktime parsing

Recently, we found a remote code execution vulnerability in Microsoft’s DirectShow platform (quartz.dll) when processing the QuickTime format. We have released advisory 971778 providing guidance to help protect customers. We’d like to go into more detail
Posted by swiblog | (Comments Off)
Thursday, April 16, 2009 8:04 PM

MIDI PoC not exploitable for code execution

On Wednesday, a PoC was posted to milw0rm describing an “integer overflow” in Windows Media Player. We investigated the .mid file and found it to be a duplicate of a non-exploitable crash previously posted publicly on Bugtraq around Christmas, four months
Posted by swiblog | (Comments Off)
Monday, December 29, 2008 12:40 PM

Windows Media Player crash not exploitable for code execution

On Christmas Day, the MSRC opened a case tracking a Bugtraq-posted POC describing a “malformed WAV,SND,MID file which can lead to a remote integer overflow”. By Saturday evening, we saw reputable internet sources claiming this bug could lead to executing
Posted by swiblog | (Comments Off)
Tuesday, June 10, 2008 11:51 AM

MS08-033: So what breaks when you ACL quartz.dll?

In some of the multimedia MSRC bulletins that have been released there is a workaround listed about changing ACL’s on Quartz.dll. So, what exactly breaks when we ACL Quartz.dll? Quartz.dll is a core component of the DirectShow framework. Originally a
Posted by swiblog | (Comments Off)
Filed under: ,
 
Page view tracker