QwikSec

Security Database

CVE

CWE

Training

CVE-2009-1537

Published: May 29, 2009

Modified: May 21, 2026

PUBLISHED

Description

Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_MS

http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx

x_refsource_CONFIRM

oval:org.mitre.oval:def:6237

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_VUPEN

vdb-entry

x_refsource_OSVDB

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_CERT

http://isc.sans.org/diary.html?storyid=6481

x_refsource_MISC

http://www.microsoft.com/technet/security/advisory/971778.mspx

x_refsource_CONFIRM

http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.