what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2008-0015

Status Candidate

Overview

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Related Files

Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
Posted Nov 26, 2009
Authored by Trancer | Site metasploit.com

This Metasploit module exploits a memory corruption within the MSVidCtl component of Microsoft DirectShow (BDATuner.MPEG2TuneRequest). By loading a specially crafted GIF file, an attacker can overrun a buffer and execute arbitrary code. ClassID is now configurable via an advanced option (otherwise randomized) - I)ruid

tags | exploit, overflow, arbitrary
advisories | CVE-2008-0015
SHA-256 | e8f71e34b37a4de2b0396539c6da78a5e06109b689d9afc1f84fe565484d3e81
Download | Favorite | View
Technical Cyber Security Alert 2009-209A
Posted Jul 28, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-209A - Microsoft has released out-of-band updates to address critical vulnerabilities in Microsoft Internet Explorer running on most supported versions of Windows. The updates also help mitigate attacks against ActiveX controls developed with vulnerable versions of the Microsoft Active Template Library (ATL).

tags | advisory, vulnerability, activex
systems | windows
advisories | CVE-2008-0015
SHA-256 | ff15492f51e1c3ec3ea228997a0e2940c2a7dddf7f3bf187c4c40e15f9d53421
Download | Favorite | View
Technical Cyber Security Alert 2009-195A
Posted Jul 15, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-195A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Windows Server, DirectShow, Virtual PC and Server, Office Publisher, and ISA Server.

tags | advisory, vulnerability
systems | windows
advisories | CVE-2009-1537, CVE-2008-0015
SHA-256 | 34c3f3faa5532e86a2446534a8f05af1708a404420d5f24395b8c29f9aeda3cb
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close