CVE-2007-3901

HIGH

8.5

CVSS Severity Score

EPSS Score0.1570%

EPSS Percentile17.82th

PublishedDec 12, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.

Affected Platforms (CPE)

📦

Microsoft

Directx

= 5.2

📦

Microsoft

Directx

= 6.1

📦

Microsoft

Directx

= 7.0

📦

Microsoft

Directx

= 7.0a

📦

Microsoft

Directx

= 7.1

📦

Microsoft

Directx

= 8.0

📦

Microsoft

Directx

= 8.0a

📦

Microsoft

Directx

= 8.1

📦

Microsoft

Directx

= 8.1a

📦

Microsoft

Directx

= 8.1b

📦

Microsoft

Directx

= 8.2

📦

Microsoft

Directx

= 9.0a

📦

Microsoft

Directx

= 9.0b

📦

Microsoft

Directx

= 9.0c

📦

Microsoft

Directx

= 10.0

References & Advisories

🔗 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=632

🔗 http://secunia.com/advisories/28010

🔗 http://www.iss.net/threats/280.html

🔗 http://www.kb.cert.org/vuls/id/804089

🔗 http://www.securityfocus.com/archive/1/485268/100/0/threaded

🔗 http://www.securityfocus.com/bid/26789

🔗 http://www.securitytracker.com/id?1019073

🔗 http://www.us-cert.gov/cas/techalerts/TA07-345A.html

Vulnerability Description

Affected Platforms (CPE)

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

Directx

References & Advisories

Related Vulnerabilities