Microsoft DirectX DirectShow AVI Processing Buffer Overflow Vulnerability

Solution:
Microsoft has released updates to address this vulnerability. Fixes for Windows 98/98SE/ME are available through Windows Update.

Avaya has released advisory ASA-2005-214 to state which Avaya products are affected by The October 2005 release of Microsoft Windows security updates. Please see the referenced advisory for further information.

Nortel Networks has released a technical support bulletin (2005006318) regarding this and other issues for their Centrex IP Client Manager (CICM). They report the vulnerabilities will be fixed in the upcoming 2.5, 7.0 and 8.0 maintenance releases. Please see the referenced bulletin for further information.

Nortel Networks has released a technical support bulletin (2005006315) regarding this issue for CallPilot. Users are advised to contact Nortel for further information.

Microsoft has updated Microsoft Security Bulletin MS05-050 detailing possible problems with previous updates; new updates are also available. Please see the referenced advisory for further information.


Microsoft Windows Server 2003 Datacenter Edition SP1

Microsoft Windows XP Media Center Edition SP2

Microsoft DirectX 8.1 a

Microsoft Small Business Server 2003

Microsoft Windows Server 2003 Enterprise Edition Itanium SP1

Microsoft Windows XP Tablet PC Edition SP1

Microsoft DirectX 8.0

Microsoft Windows XP Tablet PC Edition SP2

Microsoft Windows XP Media Center Edition SP1

Microsoft DirectX 8.0 a

Microsoft DirectX 9.0 c

Microsoft DirectX 8.1

Microsoft Windows Server 2003 Enterprise Edition Itanium 0

Microsoft Windows Server 2003 Standard Edition SP1

Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Enterprise x64 Edition

Microsoft Windows Server 2003 Datacenter Edition Itanium 0

Microsoft Windows Server 2003 Datacenter x64 Edition

Microsoft Windows Server 2003 Enterprise Edition SP1

Microsoft DirectX 9.0 a

Microsoft DirectX 8.1 b

Microsoft Windows Server 2003 Datacenter Edition

Microsoft Windows 2000 Advanced Server SP4

Microsoft DirectX 8.2

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows XP Home SP2

Microsoft Windows 2000 Datacenter Server SP4

Microsoft Windows Server 2003 Web Edition

Microsoft Windows XP Home SP1

Microsoft DirectX 9.0b

Microsoft Windows XP Professional x64 Edition

Microsoft Windows Server 2003 Web Edition SP1

Microsoft DirectX 9.0

Microsoft Windows Server 2003 Datacenter Edition Itanium SP1

Microsoft Windows XP Professional SP2

Microsoft Windows Server 2003 Standard x64 Edition

Microsoft Windows 2000 Server SP4

Microsoft Windows 2000 Professional SP4

Microsoft Windows XP Professional SP1


 

Privacy Statement
Copyright 2010, SecurityFocus