CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0084

Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka "MJPEG Decompression Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.59

EPSS Ranking 98.1%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2009-0084

Microsoft » Directx » Version: 8.1

cpe:2.3:a:microsoft:directx:8.1
Microsoft » Directx » Version: 9.0

cpe:2.3:a:microsoft:directx:9.0
Microsoft » Directx » Version: 9.0a

cpe:2.3:a:microsoft:directx:9.0a
Microsoft » Directx » Version: 9.0b

cpe:2.3:a:microsoft:directx:9.0b
Microsoft » Directx » Version: 9.0c

cpe:2.3:a:microsoft:directx:9.0c
Microsoft » Windows 2000 » Version: N/A

cpe:2.3:o:microsoft:windows_2000:-
Microsoft » Windows Server 2003 » Version: Any

cpe:2.3:o:microsoft:windows_server_2003:*
Microsoft » Windows Server 2003 » Version: N/A

cpe:2.3:o:microsoft:windows_server_2003:-
Microsoft » Windows Server 2003 » Version: r2

cpe:2.3:o:microsoft:windows_server_2003:r2
Microsoft » Windows Xp » Version: Any

cpe:2.3:o:microsoft:windows_xp:*
Microsoft » Windows Xp » Version: N/A

cpe:2.3:o:microsoft:windows_xp:-
Microsoft » Windows Xp » Version: unknown

cpe:2.3:o:microsoft:windows_xp:unknown

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0084

Products

Pricing

Contact Us