what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2008-0015

Status Candidate

Overview

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Related Files

Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
Posted Nov 26, 2009
Authored by Trancer | Site metasploit.com

This Metasploit module exploits a memory corruption within the MSVidCtl component of Microsoft DirectShow (BDATuner.MPEG2TuneRequest). By loading a specially crafted GIF file, an attacker can overrun a buffer and execute arbitrary code. ClassID is now configurable via an advanced option (otherwise randomized) - I)ruid

tags | exploit, overflow, arbitrary
advisories | CVE-2008-0015
SHA-256 | e8f71e34b37a4de2b0396539c6da78a5e06109b689d9afc1f84fe565484d3e81
Download | Favorite | View
Technical Cyber Security Alert 2009-209A
Posted Jul 28, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-209A - Microsoft has released out-of-band updates to address critical vulnerabilities in Microsoft Internet Explorer running on most supported versions of Windows. The updates also help mitigate attacks against ActiveX controls developed with vulnerable versions of the Microsoft Active Template Library (ATL).

tags | advisory, vulnerability, activex
systems | windows
advisories | CVE-2008-0015
SHA-256 | ff15492f51e1c3ec3ea228997a0e2940c2a7dddf7f3bf187c4c40e15f9d53421
Download | Favorite | View
Technical Cyber Security Alert 2009-195A
Posted Jul 15, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-195A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Windows Server, DirectShow, Virtual PC and Server, Office Publisher, and ISA Server.

tags | advisory, vulnerability
systems | windows
advisories | CVE-2009-1537, CVE-2008-0015
SHA-256 | 34c3f3faa5532e86a2446534a8f05af1708a404420d5f24395b8c29f9aeda3cb
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close