{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-03T19:37:38.204","vulnerabilities":[{"cve":{"id":"CVE-2009-0084","sourceIdentifier":"secure@microsoft.com","published":"2009-04-15T08:00:00.420","lastModified":"2026-06-16T23:04:13.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use-after-free vulnerability in DirectShow in Microsoft DirectX 8.1 and 9.0 allows remote attackers to execute arbitrary code via an MJPEG file or video stream with a malformed Huffman table, which triggers an exception that frees heap memory that is later accessed, aka \"MJPEG Decompression Vulnerability.\""},{"lang":"es","value":"DirectShow en Microsoft DirectX v8.1 y v9.0 no descomprime adecuadamente ficheros multimedia, lo cual permite a atacantes remotos ejecutar código de su elección a través de un (1) fichero MJPEG manipulado o (2) cadena video, también conocido como \"Vulnerabilidad de Descompresión MJPEG\"."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","matchCriteriaId":"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:directx:8.1:*:*:*:*:*:*:*","matchCriteriaId":"8FF0278F-AFA7-48BA-8762-5569EC174AEE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:directx:9.0:*:*:*:*:*:*:*","matchCriteriaId":"2936E9C2-65E6-4D26-A277-FF2AE13A3FEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:directx:9.0a:*:*:*:*:*:*:*","matchCriteriaId":"B2F096A3-DD19-4D54-94F4-027DBDF1A705"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:directx:9.0b:*:*:*:*:*:*:*","matchCriteriaId":"70A8E96E-F752-43D2-83C3-877DE1042B80"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:directx:9.0c:*:*:*:*:*:*:*","matchCriteriaId":"44C68B75-2B7A-450B-BA1B-03E77E03B59B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*","matchCriteriaId":"83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*","matchCriteriaId":"31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*","matchCriteriaId":"DA778424-6F70-4AB6-ADD5-5D4664DFE463"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*","matchCriteriaId":"BCE2197B-7C58-4693-B9BB-0B31EABB6B66"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*","matchCriteriaId":"4D3B5E4F-56A6-4696-BBB4-19DF3613D020"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*","matchCriteriaId":"29EDE745-5A26-42BF-AFDE-7D985BB09D44"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*","matchCriteriaId":"9B339C33-8896-4896-88FF-88E74FDBC543"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*","matchCriteriaId":"2D48D876-6A88-4B52-9322-9F019BFA19B9"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*","matchCriteriaId":"CE477A73-4EE4-41E9-8694-5A3D5DC88656"}]}]}],"references":[{"url":"http://osvdb.org/53632","source":"secure@microsoft.com"},{"url":"http://secunia.com/advisories/34665","source":"secure@microsoft.com"},{"url":"http://support.avaya.com/elmodocs2/security/ASA-2009-132.htm","source":"secure@microsoft.com"},{"url":"http://www.piotrbania.com/all/adv/ms-directx-mjpeg-adv.txt","source":"secure@microsoft.com"},{"url":"http://www.securityfocus.com/bid/34460","source":"secure@microsoft.com"},{"url":"http://www.securitytracker.com/id?1022040","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-104A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1025","source":"secure@microsoft.com"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-011","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5618","source":"secure@microsoft.com"},{"url":"http://osvdb.org/53632","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/34665","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://support.avaya.com/elmodocs2/security/ASA-2009-132.htm","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.piotrbania.com/all/adv/ms-directx-mjpeg-adv.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/34460","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id?1022040","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA09-104A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2009/1025","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-011","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5618","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}