CVE-2009-1537: Microsoft DirectX NULL Byte Overwrite Vulnerability.

Microsoft DirectX NULL Byte Overwrite Vulnerability. Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.

• CISA KEV-listed (remediation due 2026-06-03)
• EPSS 53.0% (98.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions