CyberSec.Space Logo
Back to CVE Browser

CVE-2009-1537

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score40.0300%
EPSS Percentile92.67th
PublishedMay 29, 2009
Last ModifiedMay 21, 2026

Vulnerability Description

Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as exploited in the wild in May 2009, aka "DirectX NULL Byte Overwrite Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Directx

= 7.0
πŸ“¦
Microsoft

Directx

= 7.0a
πŸ“¦
Microsoft

Directx

= 7.1
πŸ“¦
Microsoft

Directx

= 8.1
πŸ“¦
Microsoft

Directx

= 8.1b
πŸ“¦
Microsoft

Directx

= 9.0
πŸ“¦
Microsoft

Directx

= 9.0a
πŸ“¦
Microsoft

Directx

= 9.0b
πŸ“¦
Microsoft

Directx

= 9.0c
πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2003 Server

All versions
πŸ’»
Microsoft

Windows 2003 Server

All versions
πŸ’»
Microsoft

Windows 2003 Server

All versions
πŸ’»
Microsoft

Windows Server 2003

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions

References & Advisories

πŸ”— http://blogs.technet.com/msrc/archive/2009/05/28/microsoft-security-advisory-971778-vulnerability-in-microsoft-directshow-released.aspx
πŸ”— http://blogs.technet.com/srd/archive/2009/05/28/new-vulnerability-in-quicktime-parsing.aspx
πŸ”— http://isc.sans.org/diary.html?storyid=6481
πŸ”— http://osvdb.org/54797
πŸ”— http://secunia.com/advisories/35268
πŸ”— http://www.microsoft.com/technet/security/advisory/971778.mspx
πŸ”— http://www.securityfocus.com/bid/35139
πŸ”— http://www.securitytracker.com/id?1022299

Related Vulnerabilities

CVE-2019-568410.0

NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader ...

CVE-2020-61029.9

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20....

CVE-2020-61019.9

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20....

CVE-2020-61039.9

An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20....