Vulnerability-Lookup

CVE-2009-1537 (GCVE-0-2009-1537)

Vulnerability from cvelistv5 – Published: 2009-05-29 18:00 – Updated: 2026-05-21 03:55

CISA KEV

Summary

Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability."

Severity

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

microsoft

References

13 references

URL	Tags
https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
http://blogs.technet.com/srd/archive/2009/05/28/n…	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/35268	third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1022299	vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2009/1886	vdb-entryx_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/1445	vdb-entryx_refsource_VUPEN
http://osvdb.org/54797	vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/35139	vdb-entryx_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA09-195A.html	third-party-advisoryx_refsource_CERT
http://isc.sans.org/diary.html?storyid=6481	x_refsource_MISC
http://www.microsoft.com/technet/security/advisor…	x_refsource_CONFIRM
http://blogs.technet.com/msrc/archive/2009/05/28/…	x_refsource_CONFIRM

Date Public

2009-05-28 00:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 675f3e40-1b20-4f43-8a01-57264171ed3f

Vulnerability ID: CVE-2009-1537

Status: Confirmed

Status Updated: 2026-05-20 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2026-05-20

Asserted: 2026-05-20

Scope

Notes: KEV entry: Microsoft DirectX NULL Byte Overwrite Vulnerability | Affected: Microsoft / DirectX | Description: Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-06-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	DirectX
Due Date	2026-06-03
Date Added	2026-05-20
Vendorproject	Microsoft
Vulnerabilityname	Microsoft DirectX NULL Byte Overwrite Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2009-1537

Created: 2026-05-20 18:00 UTC | Updated: 2026-05-20 18:00 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:13:25.834Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS09-028",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
          },
          {
            "name": "oval:org.mitre.oval:def:6237",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
          },
          {
            "name": "35268",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35268"
          },
          {
            "name": "1022299",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022299"
          },
          {
            "name": "ADV-2009-1886",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1886"
          },
          {
            "name": "ADV-2009-1445",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1445"
          },
          {
            "name": "54797",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54797"
          },
          {
            "name": "35139",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35139"
          },
          {
            "name": "TA09-195A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?storyid=6481"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2009-1537",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-20T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-05-20",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-158",
                "description": "CWE-158 Improper Neutralization of Null Byte or NUL Character",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-21T03:55:22.095Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-20T00:00:00.000Z",
            "value": "CVE-2009-1537 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS09-028",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
        },
        {
          "name": "oval:org.mitre.oval:def:6237",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
        },
        {
          "name": "35268",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35268"
        },
        {
          "name": "1022299",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022299"
        },
        {
          "name": "ADV-2009-1886",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1886"
        },
        {
          "name": "ADV-2009-1445",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1445"
        },
        {
          "name": "54797",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54797"
        },
        {
          "name": "35139",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35139"
        },
        {
          "name": "TA09-195A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?storyid=6481"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-1537",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS09-028",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
            },
            {
              "name": "oval:org.mitre.oval:def:6237",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
            },
            {
              "name": "35268",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35268"
            },
            {
              "name": "1022299",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022299"
            },
            {
              "name": "ADV-2009-1886",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1886"
            },
            {
              "name": "ADV-2009-1445",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1445"
            },
            {
              "name": "54797",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54797"
            },
            {
              "name": "35139",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35139"
            },
            {
              "name": "TA09-195A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=6481",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?storyid=6481"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/971778.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-1537",
    "datePublished": "2009-05-29T18:00:00.000Z",
    "dateReserved": "2009-05-05T00:00:00.000Z",
    "dateUpdated": "2026-05-21T03:55:22.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2009-1537",
      "dateAdded": "2026-05-20",
      "dueDate": "2026-06-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028 ; https://nvd.nist.gov/vuln/detail/CVE-2009-1537",
      "product": "DirectX",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": "Microsoft DirectX NULL Byte Overwrite Vulnerability"
    },
    "epss": {
      "cve": "CVE-2009-1537",
      "date": "2026-05-27",
      "epss": "0.53016",
      "percentile": "0.97996"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BFE77B9-6C2A-45D3-A4B5-2679CC4B0DA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"459D411C-4994-41DB-9594-F460EADA3351\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F01F75D-4C20-4DA2-BD3B-4A3BD466F773\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FF0278F-AFA7-48BA-8762-5569EC174AEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BBFBDA6-90F5-4A8A-BD47-2DCA5CA8D5AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2936E9C2-65E6-4D26-A277-FF2AE13A3FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2F096A3-DD19-4D54-94F4-027DBDF1A705\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70A8E96E-F752-43D2-83C3-877DE1042B80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C68B75-2B7A-450B-BA1B-03E77E03B59B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2936E9C2-65E6-4D26-A277-FF2AE13A3FEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2F096A3-DD19-4D54-94F4-027DBDF1A705\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70A8E96E-F752-43D2-83C3-877DE1042B80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C68B75-2B7A-450B-BA1B-03E77E03B59B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2978BF86-5A1A-438E-B81F-F360D0E30C9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"F7EFB032-47F4-4497-B16B-CB9126EAC9DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*\", \"matchCriteriaId\": \"6881476D-81A2-4DFD-AC77-82A8D08A0568\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D3B5E4F-56A6-4696-BBB4-19DF3613D020\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B339C33-8896-4896-88FF-88E74FDBC543\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*\", \"matchCriteriaId\": \"1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE477A73-4EE4-41E9-8694-5A3D5DC88656\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \\\"DirectX NULL Byte Overwrite Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"Vulnerailidad sin especificar en el filtro QuickTime Movie Parser en quartz.dll en DirectShow en Microsoft DirectX v7.0 hasta v9.0c en Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2 permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de un fichero multimedia QuickTime manipulado, como se ha explotado libremente en Mayo de 2009.\"}]",
      "evaluatorImpact": "Per: http://www.microsoft.com/technet/security/advisory/971778.mspx\r\n\r\n\"Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable.\"",
      "id": "CVE-2009-1537",
      "lastModified": "2024-11-21T01:02:43.190",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-05-29T18:30:00.187",
      "references": "[{\"url\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6481\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://osvdb.org/54797\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://secunia.com/advisories/35268\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/35139\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.securitytracker.com/id?1022299\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1445\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1886\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\", \"source\": \"secure@microsoft.com\"}, {\"url\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6481\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/54797\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/35268\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/35139\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1022299\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1445\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1886\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-1537\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2009-05-29T18:30:00.187\",\"lastModified\":\"2026-05-21T12:57:12.850\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \\\"DirectX NULL Byte Overwrite Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Vulnerailidad sin especificar en el filtro QuickTime Movie Parser en quartz.dll en DirectShow en Microsoft DirectX v7.0 hasta v9.0c en Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero multimedia QuickTime manipulado, como se ha explotado libremente en Mayo de 2009.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2026-05-20\",\"cisaActionDue\":\"2026-06-03\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Microsoft DirectX NULL Byte Overwrite Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-158\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BFE77B9-6C2A-45D3-A4B5-2679CC4B0DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"459D411C-4994-41DB-9594-F460EADA3351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F01F75D-4C20-4DA2-BD3B-4A3BD466F773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FF0278F-AFA7-48BA-8762-5569EC174AEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BBFBDA6-90F5-4A8A-BD47-2DCA5CA8D5AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2936E9C2-65E6-4D26-A277-FF2AE13A3FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2F096A3-DD19-4D54-94F4-027DBDF1A705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70A8E96E-F752-43D2-83C3-877DE1042B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C68B75-2B7A-450B-BA1B-03E77E03B59B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2936E9C2-65E6-4D26-A277-FF2AE13A3FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2F096A3-DD19-4D54-94F4-027DBDF1A705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70A8E96E-F752-43D2-83C3-877DE1042B80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C68B75-2B7A-450B-BA1B-03E77E03B59B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2978BF86-5A1A-438E-B81F-F360D0E30C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"F7EFB032-47F4-4497-B16B-CB9126EAC9DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*\",\"matchCriteriaId\":\"6881476D-81A2-4DFD-AC77-82A8D08A0568\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D3B5E4F-56A6-4696-BBB4-19DF3613D020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE477A73-4EE4-41E9-8694-5A3D5DC88656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*\",\"matchCriteriaId\":\"C6109348-BC79-4ED3-8D41-EA546A540C79\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://isc.sans.org/diary.html?storyid=6481\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://osvdb.org/54797\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35268\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/971778.mspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35139\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1022299\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1445\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1886\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://isc.sans.org/diary.html?storyid=6481\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://osvdb.org/54797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/971778.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35139\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id?1022299\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1886\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}],\"evaluatorImpact\":\"Per: http://www.microsoft.com/technet/security/advisory/971778.mspx\\r\\n\\r\\n\\\"Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable.\\\"\"}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\", \"name\": \"MS09-028\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\", \"name\": \"oval:org.mitre.oval:def:6237\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/35268\", \"name\": \"35268\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1022299\", \"name\": \"1022299\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1886\", \"name\": \"ADV-2009-1886\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1445\", \"name\": \"ADV-2009-1445\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/54797\", \"name\": \"54797\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/35139\", \"name\": \"35139\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6481\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T05:13:25.834Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2009-1537\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-20T17:19:20.984650Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-05-20\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-158\", \"description\": \"CWE-158 Improper Neutralization of Null Byte or NUL Character\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-20T17:17:13.842Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-20T00:00:00.000Z\", \"value\": \"CVE-2009-1537 added to CISA KEV\"}]}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2009-05-28T00:00:00.000Z\", \"references\": [{\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\", \"name\": \"MS09-028\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\", \"name\": \"oval:org.mitre.oval:def:6237\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://secunia.com/advisories/35268\", \"name\": \"35268\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://www.securitytracker.com/id?1022299\", \"name\": \"1022299\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1886\", \"name\": \"ADV-2009-1886\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1445\", \"name\": \"ADV-2009-1445\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://osvdb.org/54797\", \"name\": \"54797\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"http://www.securityfocus.com/bid/35139\", \"name\": \"35139\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6481\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \\\"DirectX NULL Byte Overwrite Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2018-10-12T19:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028\", \"name\": \"MS09-028\", \"refsource\": \"MS\"}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"name\": \"http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237\", \"name\": \"oval:org.mitre.oval:def:6237\", \"refsource\": \"OVAL\"}, {\"url\": \"http://secunia.com/advisories/35268\", \"name\": \"35268\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://www.securitytracker.com/id?1022299\", \"name\": \"1022299\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1886\", \"name\": \"ADV-2009-1886\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1445\", \"name\": \"ADV-2009-1445\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://osvdb.org/54797\", \"name\": \"54797\", \"refsource\": \"OSVDB\"}, {\"url\": \"http://www.securityfocus.com/bid/35139\", \"name\": \"35139\", \"refsource\": \"BID\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"refsource\": \"CERT\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6481\", \"name\": \"http://isc.sans.org/diary.html?storyid=6481\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"name\": \"http://www.microsoft.com/technet/security/advisory/971778.mspx\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"name\": \"http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \\\"DirectX NULL Byte Overwrite Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2009-1537\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2009-1537\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-21T03:55:22.095Z\", \"dateReserved\": \"2009-05-05T00:00:00.000Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2009-05-29T18:00:00.000Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTA-2009-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

Une vulnérabilité a été identifiée dans la manipulation de fichiers multimédia Quicktime par Microsoft DirectShow (quartz.dll). Elle peut être exploitée à distance par le biais de pages Web spécialement construites afin d'exécuter, lors de la navigation sur ces pages, du code arbitraire sur le système vulnérable.

Description

Une vulnérabilité a été identifiée dans la manipulation de fichiers multimédia Quicktime par Microsoft DirectShow (quartz.dll).

Elle peut être exploitée à distance par le biais de pages Web spécialement construites afin d'exécuter, lors de la navigation sur ces pages, du code arbitraire sur le système vulnérable. L'exploitation peut se faire indépendemment du navigateur choisi dans la mesure où un module de lecture multimédia est utilisé.

La pré-visualisation ou le passage de la souris sur un fichier malveillant (répertoire de partage par exemple) peut également provoquer la compromission du système.

Des codes d'exploitation sont actuellement disponibles sur l'Internet.

Contournement provisoire

Le filtrage ou la désactivation de certains formats de fichiers QuickTime n'est pas suffisant. D'autres formats peuvent également contenir des données QuickTime (les AVI par exemple). Il faut donc désactiver de préférence l'interprétation de ces données. Cela peut se faire en supprimant la clé de registre suivante :

HKC_ROOT\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}

L'avis de sécurité KB971778 de Microsoft pointe vers un service nommé Fix it permettant d'effectuer cette opération sous forme d'un logiciel à installer.

Une autre mesure peut consister à restreindre l'accès à la bibliothèque quartz.dll. La procédure est aussi indiquée dans l'avis de sécurité KB971778. Cette mesure peut cependant avoir des effets de bord sur certains lecteurs multimédia et des applications tierces.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	DirectX 9.0x pour Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 et 3 et Windows Server 2003 Service Pack 2.
Microsoft	Windows	DirectX 8.1 pour Microsoft Windows 2000 Service Pack 4 ;
Microsoft	Windows	DirectX 7.0 pour Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Avis de sécurité Microsoft KB971778 du 28 mai 2009	None	vendor-advisory
Bloc-Notes Microsoft SRD, "New vulnerability in quartz.dll Quicktime parsing", 28 mai 2009 :	-	other
Bloc-Notes Microsoft SRD, "MS08-033: So what breaks when you ACL quartz.dll?", 10 juin 2008 :	-	other
Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009 :	-	other
Avis CERTA-2009-AVI-273 du 15 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009 :	-	other
Bloc-notes Microsoft MSRC, "Microsoft Security Advisory 971778 Vulnerability in Microsoft DirectShow Released", 28 mai 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "DirectX 9.0x pour Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 et 3 et Windows Server 2003 Service Pack 2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 8.1 pour Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 7.0 pour Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-07-15",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la manipulation de fichiers\nmultim\u00e9dia Quicktime par Microsoft DirectShow (quartz.dll).\n\nElle peut \u00eatre exploit\u00e9e \u00e0 distance par le biais de pages Web\nsp\u00e9cialement construites afin d\u0027ex\u00e9cuter, lors de la navigation sur ces\npages, du code arbitraire sur le syst\u00e8me vuln\u00e9rable. L\u0027exploitation peut\nse faire ind\u00e9pendemment du navigateur choisi dans la mesure o\u00f9 un module\nde lecture multim\u00e9dia est utilis\u00e9.\n\nLa pr\u00e9-visualisation ou le passage de la souris sur un fichier\nmalveillant (r\u00e9pertoire de partage par exemple) peut \u00e9galement provoquer\nla compromission du syst\u00e8me.\n\nDes codes d\u0027exploitation sont actuellement disponibles sur l\u0027Internet.\n\n## Contournement provisoire\n\nLe filtrage ou la d\u00e9sactivation de certains formats de fichiers\nQuickTime n\u0027est pas suffisant. D\u0027autres formats peuvent \u00e9galement\ncontenir des donn\u00e9es QuickTime (les AVI par exemple). Il faut donc\nd\u00e9sactiver de pr\u00e9f\u00e9rence l\u0027interpr\u00e9tation de ces donn\u00e9es. Cela peut se\nfaire en supprimant la cl\u00e9 de registre suivante\u00a0:\n\n    HKC_ROOT\\CLSID\\{D51BD5A0-7548-11CF-A520-0080C77EF58A}\n\nL\u0027avis de s\u00e9curit\u00e9 KB971778 de Microsoft pointe vers un service nomm\u00e9\nFix it permettant d\u0027effectuer cette op\u00e9ration sous forme d\u0027un logiciel \u00e0\ninstaller.\n\nUne autre mesure peut consister \u00e0 restreindre l\u0027acc\u00e8s \u00e0 la biblioth\u00e8que\nquartz.dll. La proc\u00e9dure est aussi indiqu\u00e9e dans l\u0027avis de s\u00e9curit\u00e9\nKB971778. Cette mesure peut cependant avoir des effets de bord sur\ncertains lecteurs multim\u00e9dia et des applications tierces.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1537"
    }
  ],
  "links": [
    {
      "title": "Bloc-Notes Microsoft SRD, \"New vulnerability in quartz.dll    Quicktime parsing\", 28 mai 2009\u00a0:",
      "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
    },
    {
      "title": "Bloc-Notes Microsoft SRD, \"MS08-033: So what breaks when    you ACL quartz.dll?\", 10 juin 2008\u00a0:",
      "url": "http://blogs.technet.com/srd/archive/2008/06/10/ms08-033-so-what-breaks-when-you-acl-quartz-dll.aspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-028.mspx"
    },
    {
      "title": "Avis CERTA-2009-AVI-273 du 15 juillet 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-273/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS09-028.mspx"
    },
    {
      "title": "Bloc-notes Microsoft MSRC, \"Microsoft Security Advisory    971778 Vulnerability in Microsoft DirectShow Released\", 28 mai    2009\u00a0:",
      "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
    }
  ],
  "reference": "CERTA-2009-ALE-009",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-05-29T00:00:00.000000"
    },
    {
      "description": "ajout du lien vers le correctif.",
      "revision_date": "2009-07-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la manipulation de fichiers\nmultim\u00e9dia Quicktime par Microsoft DirectShow (quartz.dll). Elle peut\n\u00eatre exploit\u00e9e \u00e0 distance par le biais de pages Web sp\u00e9cialement\nconstruites afin d\u0027ex\u00e9cuter, lors de la navigation sur ces pages, du\ncode arbitraire sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft DirectShow",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft KB971778 du 28 mai 2009",
      "url": "http://support.microsoft.com/kb/971778/fr/"
    }
  ]
}

CERTA-2009-ALE-009

Vulnerability from certfr_alerte - Published: - Updated:

Description

Une vulnérabilité a été identifiée dans la manipulation de fichiers multimédia Quicktime par Microsoft DirectShow (quartz.dll).

La pré-visualisation ou le passage de la souris sur un fichier malveillant (répertoire de partage par exemple) peut également provoquer la compromission du système.

Des codes d'exploitation sont actuellement disponibles sur l'Internet.

Contournement provisoire

HKC_ROOT\CLSID\{D51BD5A0-7548-11CF-A520-0080C77EF58A}

L'avis de sécurité KB971778 de Microsoft pointe vers un service nommé Fix it permettant d'effectuer cette opération sous forme d'un logiciel à installer.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	DirectX 9.0x pour Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 et 3 et Windows Server 2003 Service Pack 2.
Microsoft	Windows	DirectX 8.1 pour Microsoft Windows 2000 Service Pack 4 ;
Microsoft	Windows	DirectX 7.0 pour Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Avis de sécurité Microsoft KB971778 du 28 mai 2009	None	vendor-advisory
Bloc-Notes Microsoft SRD, "New vulnerability in quartz.dll Quicktime parsing", 28 mai 2009 :	-	other
Bloc-Notes Microsoft SRD, "MS08-033: So what breaks when you ACL quartz.dll?", 10 juin 2008 :	-	other
Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009 :	-	other
Avis CERTA-2009-AVI-273 du 15 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009 :	-	other
Bloc-notes Microsoft MSRC, "Microsoft Security Advisory 971778 Vulnerability in Microsoft DirectShow Released", 28 mai 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "DirectX 9.0x pour Microsoft Windows 2000 Service Pack 4, Windows XP Service Pack 2 et 3 et Windows Server 2003 Service Pack 2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 8.1 pour Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 7.0 pour Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-07-15",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la manipulation de fichiers\nmultim\u00e9dia Quicktime par Microsoft DirectShow (quartz.dll).\n\nElle peut \u00eatre exploit\u00e9e \u00e0 distance par le biais de pages Web\nsp\u00e9cialement construites afin d\u0027ex\u00e9cuter, lors de la navigation sur ces\npages, du code arbitraire sur le syst\u00e8me vuln\u00e9rable. L\u0027exploitation peut\nse faire ind\u00e9pendemment du navigateur choisi dans la mesure o\u00f9 un module\nde lecture multim\u00e9dia est utilis\u00e9.\n\nLa pr\u00e9-visualisation ou le passage de la souris sur un fichier\nmalveillant (r\u00e9pertoire de partage par exemple) peut \u00e9galement provoquer\nla compromission du syst\u00e8me.\n\nDes codes d\u0027exploitation sont actuellement disponibles sur l\u0027Internet.\n\n## Contournement provisoire\n\nLe filtrage ou la d\u00e9sactivation de certains formats de fichiers\nQuickTime n\u0027est pas suffisant. D\u0027autres formats peuvent \u00e9galement\ncontenir des donn\u00e9es QuickTime (les AVI par exemple). Il faut donc\nd\u00e9sactiver de pr\u00e9f\u00e9rence l\u0027interpr\u00e9tation de ces donn\u00e9es. Cela peut se\nfaire en supprimant la cl\u00e9 de registre suivante\u00a0:\n\n    HKC_ROOT\\CLSID\\{D51BD5A0-7548-11CF-A520-0080C77EF58A}\n\nL\u0027avis de s\u00e9curit\u00e9 KB971778 de Microsoft pointe vers un service nomm\u00e9\nFix it permettant d\u0027effectuer cette op\u00e9ration sous forme d\u0027un logiciel \u00e0\ninstaller.\n\nUne autre mesure peut consister \u00e0 restreindre l\u0027acc\u00e8s \u00e0 la biblioth\u00e8que\nquartz.dll. La proc\u00e9dure est aussi indiqu\u00e9e dans l\u0027avis de s\u00e9curit\u00e9\nKB971778. Cette mesure peut cependant avoir des effets de bord sur\ncertains lecteurs multim\u00e9dia et des applications tierces.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1537"
    }
  ],
  "links": [
    {
      "title": "Bloc-Notes Microsoft SRD, \"New vulnerability in quartz.dll    Quicktime parsing\", 28 mai 2009\u00a0:",
      "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
    },
    {
      "title": "Bloc-Notes Microsoft SRD, \"MS08-033: So what breaks when    you ACL quartz.dll?\", 10 juin 2008\u00a0:",
      "url": "http://blogs.technet.com/srd/archive/2008/06/10/ms08-033-so-what-breaks-when-you-acl-quartz-dll.aspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-028.mspx"
    },
    {
      "title": "Avis CERTA-2009-AVI-273 du 15 juillet 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-273/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS09-028.mspx"
    },
    {
      "title": "Bloc-notes Microsoft MSRC, \"Microsoft Security Advisory    971778 Vulnerability in Microsoft DirectShow Released\", 28 mai    2009\u00a0:",
      "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
    }
  ],
  "reference": "CERTA-2009-ALE-009",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-05-29T00:00:00.000000"
    },
    {
      "description": "ajout du lien vers le correctif.",
      "revision_date": "2009-07-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans la manipulation de fichiers\nmultim\u00e9dia Quicktime par Microsoft DirectShow (quartz.dll). Elle peut\n\u00eatre exploit\u00e9e \u00e0 distance par le biais de pages Web sp\u00e9cialement\nconstruites afin d\u0027ex\u00e9cuter, lors de la navigation sur ces pages, du\ncode arbitraire sur le syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft DirectShow",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft KB971778 du 28 mai 2009",
      "url": "http://support.microsoft.com/kb/971778/fr/"
    }
  ]
}

CERTA-2009-AVI-273

Vulnerability from certfr_avis - Published: - Updated:

Trois vulnérabilités permettant l'exécution de code arbitraire à distance ont été corrigées.

Description

Trois vulnérabilités impactant DirectShow ont été corrigées. L'une d'elle, publiée sur l'Internet, concerne le traitement de films par la bibliothèque quartz.dll. Elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance au moyen d'un fichier QuickTime spécialement créé.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	DirectX 9.0 sur Windows 2000 SP4, Windows XP SP2 et SP3, Windows XP x64 SP2, Windows Server 2003 SP2, Windows Server 2003 x64 SP2 et Windows Server 2003 SP2 Pour Itanium.
	Microsoft	Windows	DirectX 7.0 et DirectX 8.1 sur Windows 2000 SP4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "DirectX 9.0 sur Windows 2000 SP4, Windows XP SP2 et SP3, Windows XP x64 SP2, Windows Server 2003 SP2, Windows Server 2003 x64 SP2 et Windows Server 2003 SP2 Pour Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 7.0 et DirectX 8.1 sur Windows 2000 SP4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s impactant DirectShow ont \u00e9t\u00e9 corrig\u00e9es. L\u0027une\nd\u0027elle, publi\u00e9e sur l\u0027Internet, concerne le traitement de films par la\nbiblioth\u00e8que quartz.dll. Elles permettent \u00e0 un utilisateur malveillant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen d\u0027un fichier QuickTime\nsp\u00e9cialement cr\u00e9\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1538"
    },
    {
      "name": "CVE-2009-1537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1537"
    },
    {
      "name": "CVE-2009-1539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1539"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-273",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Trois vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft DirectShow",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS09-028.mspx"
    }
  ]
}

CERTA-2009-AVI-273

Vulnerability from certfr_avis - Published: - Updated:

Trois vulnérabilités permettant l'exécution de code arbitraire à distance ont été corrigées.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	DirectX 9.0 sur Windows 2000 SP4, Windows XP SP2 et SP3, Windows XP x64 SP2, Windows Server 2003 SP2, Windows Server 2003 x64 SP2 et Windows Server 2003 SP2 Pour Itanium.
	Microsoft	Windows	DirectX 7.0 et DirectX 8.1 sur Windows 2000 SP4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-028 du 14 juillet 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "DirectX 9.0 sur Windows 2000 SP4, Windows XP SP2 et SP3, Windows XP x64 SP2, Windows Server 2003 SP2, Windows Server 2003 x64 SP2 et Windows Server 2003 SP2 Pour Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "DirectX 7.0 et DirectX 8.1 sur Windows 2000 SP4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s impactant DirectShow ont \u00e9t\u00e9 corrig\u00e9es. L\u0027une\nd\u0027elle, publi\u00e9e sur l\u0027Internet, concerne le traitement de films par la\nbiblioth\u00e8que quartz.dll. Elles permettent \u00e0 un utilisateur malveillant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance au moyen d\u0027un fichier QuickTime\nsp\u00e9cialement cr\u00e9\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1538"
    },
    {
      "name": "CVE-2009-1537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1537"
    },
    {
      "name": "CVE-2009-1539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1539"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-273",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Trois vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 corrig\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft DirectShow",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-028 du 14 juillet 2009",
      "url": "http://www.microsoft.com/technet/security/bulletin/MS09-028.mspx"
    }
  ]
}

FKIE_CVE-2009-1537

Vulnerability from fkie_nvd - Published: 2009-05-29 18:30 - Updated: 2026-05-21 12:57

CISA KEV

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@microsoft.com	http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx	Vendor Advisory
secure@microsoft.com	http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx	Vendor Advisory
secure@microsoft.com	http://isc.sans.org/diary.html?storyid=6481	Not Applicable
secure@microsoft.com	http://osvdb.org/54797	Broken Link
secure@microsoft.com	http://secunia.com/advisories/35268	Vendor Advisory
secure@microsoft.com	http://www.microsoft.com/technet/security/advisory/971778.mspx	Patch, Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/35139	Broken Link
secure@microsoft.com	http://www.securitytracker.com/id?1022299	Broken Link
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA09-195A.html	US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1445	Vendor Advisory
secure@microsoft.com	http://www.vupen.com/english/advisories/2009/1886	Vendor Advisory
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028	Vendor Advisory
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?storyid=6481	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/54797	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35268	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/971778.mspx	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35139	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022299	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-195A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1445	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1886	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237	Broken Link
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537	US Government Resource

Impacted products

Vendor	Product	Version
microsoft	directx	7.0
microsoft	directx	7.0a
microsoft	directx	7.1
microsoft	directx	8.1
microsoft	directx	8.1b
microsoft	directx	9.0
microsoft	directx	9.0a
microsoft	directx	9.0b
microsoft	directx	9.0c
microsoft	windows_2000	*
microsoft	directx	9.0
microsoft	directx	9.0a
microsoft	directx	9.0b
microsoft	directx	9.0c
microsoft	windows_2000	*
microsoft	windows_2003_server	*
microsoft	windows_2003_server	*
microsoft	windows_2003_server	*
microsoft	windows_server_2003	*
microsoft	windows_xp	*
microsoft	windows_xp	*
microsoft	windows_xp	-

JSON

To clipboard

{
  "cisaActionDue": "2026-06-03",
  "cisaExploitAdd": "2026-05-20",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "Microsoft DirectX NULL Byte Overwrite Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BFE77B9-6C2A-45D3-A4B5-2679CC4B0DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "459D411C-4994-41DB-9594-F460EADA3351",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F01F75D-4C20-4DA2-BD3B-4A3BD466F773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FF0278F-AFA7-48BA-8762-5569EC174AEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BBFBDA6-90F5-4A8A-BD47-2DCA5CA8D5AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2936E9C2-65E6-4D26-A277-FF2AE13A3FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2F096A3-DD19-4D54-94F4-027DBDF1A705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A8E96E-F752-43D2-83C3-877DE1042B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C68B75-2B7A-450B-BA1B-03E77E03B59B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2936E9C2-65E6-4D26-A277-FF2AE13A3FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2F096A3-DD19-4D54-94F4-027DBDF1A705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A8E96E-F752-43D2-83C3-877DE1042B80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C68B75-2B7A-450B-BA1B-03E77E03B59B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "F7EFB032-47F4-4497-B16B-CB9126EAC9DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:professional:*:x64:*",
              "matchCriteriaId": "C6109348-BC79-4ED3-8D41-EA546A540C79",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Vulnerailidad sin especificar en el filtro QuickTime Movie Parser en quartz.dll en DirectShow en Microsoft DirectX v7.0 hasta v9.0c en Windows 2000 SP4, Windows XP SP2 y SP3, y Windows Server 2003 SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero multimedia QuickTime manipulado, como se ha explotado libremente en Mayo de 2009."
    }
  ],
  "evaluatorImpact": "Per: http://www.microsoft.com/technet/security/advisory/971778.mspx\r\n\r\n\"Microsoft is aware of limited, active attacks that use this exploit code. While our investigation is ongoing, our investigation so far has shown that Windows 2000 Service Pack 4, Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not vulnerable.\"",
  "id": "CVE-2009-1537",
  "lastModified": "2026-05-21T12:57:12.850",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2009-05-29T18:30:00.187",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://isc.sans.org/diary.html?storyid=6481"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/54797"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35268"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/35139"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id?1022299"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1445"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1886"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://isc.sans.org/diary.html?storyid=6481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/54797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/35139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id?1022299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-158"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-QVW7-MG6G-QM9M

Vulnerability from github – Published: 2022-05-02 03:26 – Updated: 2026-05-20 18:31

Details

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-1537"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-158"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-05-29T18:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\"",
  "id": "GHSA-qvw7-mg6g-qm9m",
  "modified": "2026-05-20T18:31:27Z",
  "published": "2022-05-02T03:26:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1537"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-1537"
    },
    {
      "type": "WEB",
      "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
    },
    {
      "type": "WEB",
      "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.html?storyid=6481"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/54797"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35268"
    },
    {
      "type": "WEB",
      "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35139"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022299"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1445"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1886"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2009-1537

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-1537

Aliases

CVE-2009-1537

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-1537",
    "description": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\"",
    "id": "GSD-2009-1537"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-1537"
      ],
      "details": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\"",
      "id": "GSD-2009-1537",
      "modified": "2023-12-13T01:19:48.496911Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2009-1537",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "MS09-028",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
          },
          {
            "name": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx",
            "refsource": "CONFIRM",
            "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
          },
          {
            "name": "oval:org.mitre.oval:def:6237",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
          },
          {
            "name": "35268",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/35268"
          },
          {
            "name": "1022299",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022299"
          },
          {
            "name": "ADV-2009-1886",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1886"
          },
          {
            "name": "ADV-2009-1445",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1445"
          },
          {
            "name": "54797",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/54797"
          },
          {
            "name": "35139",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35139"
          },
          {
            "name": "TA09-195A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
          },
          {
            "name": "http://isc.sans.org/diary.html?storyid=6481",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.html?storyid=6481"
          },
          {
            "name": "http://www.microsoft.com/technet/security/advisory/971778.mspx",
            "refsource": "CONFIRM",
            "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
          },
          {
            "name": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx",
            "refsource": "CONFIRM",
            "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:7.0a:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:8.1b:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-1537"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka \"DirectX NULL Byte Overwrite Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/971778.mspx",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/971778.mspx"
            },
            {
              "name": "35139",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/35139"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=6481",
              "refsource": "MISC",
              "tags": [],
              "url": "http://isc.sans.org/diary.html?storyid=6481"
            },
            {
              "name": "1022299",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022299"
            },
            {
              "name": "54797",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/54797"
            },
            {
              "name": "ADV-2009-1445",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1445"
            },
            {
              "name": "35268",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35268"
            },
            {
              "name": "ADV-2009-1886",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1886"
            },
            {
              "name": "TA09-195A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6237",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6237"
            },
            {
              "name": "MS09-028",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-028"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2019-02-26T14:04Z",
      "publishedDate": "2009-05-29T18:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-1537 (GCVE-0-2009-1537)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

CERTA-2009-ALE-009

Description

Contournement provisoire

Solution

CERTA-2009-ALE-009

Description

Contournement provisoire

Solution

CERTA-2009-AVI-273

Description

Solution

CERTA-2009-AVI-273

Description

Solution

FKIE_CVE-2009-1537

GHSA-QVW7-MG6G-QM9M

GSD-2009-1537

Tags

Sightings

Nomenclature