Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-0250

EPSS 71.11% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-0250

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2, and in Quartz on Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote attackers to execute arbitrary code via an AVI file with a crafted length field in an unspecified video stream, which is not properly handled by the RLE video decompressor, aka "DirectShow Heap Overflow Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft DirectX DirectShow AVI文件堆缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft DirectX是Windows操作系统中的一项功能,流媒体在玩游戏或观看视频时通过这个功能支持图形和声音。 Microsoft DirectX的DirectShow中存在基于堆的缓冲区溢出漏洞。远程攻击者可借助带有未明视频流中特制长度字段的AVI文件执行任意代码,该文件不能被RLE视频解压缩器正确处理。 该漏洞位于以下版本:基于Windows 2000 SP4,Windows XP SP2和SP3,基于Windows Server 2003 SP2版本中的AVI过滤器,以及基于Wind
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-0250

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-0250

登录查看更多情报信息。

Same Patch Batch · n/a · 2010-02-10 · 36 CVEs total

CVE-2009-4634Ffmpeg 多个整数溢出漏洞
CVE-2010-0240Microsoft Windows头MDL碎片远程代码执行漏洞
CVE-2010-0241Microsoft Windows ICMPv6路由信息远程代码执行漏洞
CVE-2010-0242Microsoft Windows TCP/IP栈选择性应答远程拒绝服务漏洞
CVE-2010-0243Microsoft Office OfficeArtSpgr容器指针覆盖缓冲区错误漏洞
CVE-2010-0252Microsoft Data Analyzer ActiveX控件栈破坏漏洞
CVE-2009-4631Ffmpeg VP3 decoder Off-by-one溢出漏洞
CVE-2009-4632FFmpeg 'oggparsevorbis.c' 指针算法拒绝服务攻击漏洞
CVE-2009-4633Ffmpeg 'vorbis_dec.c' 拒绝服务攻击或代码执行漏洞
CVE-2010-0239Microsoft Windows ICMPv6路由播发缓冲区溢出漏洞
CVE-2009-4635Ffmpeg MOV存储器拒绝服务漏洞
CVE-2009-4636Ffmpeg 无限循环拒绝服务漏洞
CVE-2009-4637Ffmpeg 未明拒绝服务攻击漏洞
CVE-2009-4638FFmpeg 未明整数溢出漏洞
CVE-2009-4639Ffmpeg AVI 分路器 拒绝服务攻击漏洞
CVE-2009-4640Ffmpeg‘vorbis_dec.c’拒绝服务和代码执行漏洞
CVE-2010-0394Nanosleep Trac Git插件远程命令注入漏洞
CVE-2010-0564Trendmicro OfficeScan TMUFE缓冲区溢出漏洞
CVE-2010-0030Microsoft PowerPoint LinkedSlideAtom堆溢出漏洞
CVE-2010-0017Microsoft Windows SMB客户端实现竞争条件漏洞

Showing top 20 of 36 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-0250

No comments yet

Leave a comment