Microsoft DirectShow, part of Microsoft DirectX, is "used for the capture and playback of multimedia streams on Microsoft Windows systems. Synchronized Accessible Media Interchange (SAMI) is a file format designed by Microsoft Corp. to deliver captions, subtitles, or audio descriptions synchronized with digital media content". Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s DirectShow could allow an attacker to execute arbitrary code in the context of the current user.

http://www.securiteam.com/windowsntf...G00C0UKKI.html