Vulnerabilities > CVE-2007-4336 - Buffer Overflow vulnerability in Microsoft Directx Media 6.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Microsoft DXMedia SDK 6 (SourceUrl) ActiveX Remote Code Execution. CVE-2007-4336. Remote exploit for windows platform |
| file | exploits/windows/remote/4279.html |
| id | EDB-ID:4279 |
| last seen | 2016-01-31 |
| modified | 2007-08-10 |
| platform | windows |
| port | |
| published | 2007-08-10 |
| reporter | h07 |
| source | https://www.exploit-db.com/download/4279/ |
| title | Microsoft DXMedia SDK 6 SourceUrl ActiveX Remote Code Execution |
| type | remote |
References
- http://osvdb.org/36399
- http://secunia.com/advisories/26426
- http://www.kb.cert.org/vuls/id/466601
- http://www.securityfocus.com/bid/25279
- http://www.securitytracker.com/id?1018551
- http://www.vupen.com/english/advisories/2007/2857
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35970
- https://www.exploit-db.com/exploits/4279