Reported July 23, 2003, by Microsoft.

 

VERSIONS AFFECTED

 

  • Microsoft DirectX 9.0a on Windows Server 2003, Windows XP, Windows 2000, and Windows Me

  • Microsoft DirectX 8.1 on Windows 2003 and XP

  • Microsoft DirectX 7.0 on Windows 2000

  • Microsoft DirectX 7.0a on Windows Me

  • Microsoft DirectX 6.1 on Windows 98 Second Edition (Win98SE)

  • Microsoft DirectX 5.2 on Win98

  • Windows NT 4.0 with Windows Media Player (WMP) 6.4 or Internet Explorer (IE) 6.0 Service Pack 1 (SP1)

  • Windows NT Server 4.0, Terminal Server Edition (WTS) with WMP 6.4 or IE 6.0 SP1

 

DESCRIPTION

 

Two buffer-overrun vulnerabilities in Microsoft DirectX can result in the execution of arbitrary code on the vulnerable computer. The vulnerabilities stem from a pair of flaws in all versions of quartz.dll, which lets Windows applications play MIDI music through a common interface. An attacker can construct a malicious .mid file and configure it to play automatically whenever a victim attempts to view certain HTML content, such as a page on an attacker-controlled Web site, resulting in the compromise of the victim's machine. For detailed information about these vulnerabilities, see the discoverer's Web site.

 

VENDOR RESPONSE

 

Microsoft has released Security Bulletin MS03-030, "Unchecked Buffer in DirectX Could Enable System Compromise (819696)," to address these vulnerabilities and recommends that affected users immediately apply the patch mentioned in the bulletin.

 

CREDIT

Discovered by eEye Digital Security.