Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-0015
HistoryJul 07, 2009 - 11:30 p.m.

CVE-2008-0015

2009-07-0723:30:00
CWE-119
[email protected]
web.nvd.nist.gov
54
cve
2008
0015
buffer overflow
ccomvariant
readfromstream
atl
active template library
mpeg2tunerequest
activex
msvidctl.dll
directshow
microsoft windows
remote code execution
web page
exploit
vulnerability

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka “Microsoft Video ActiveX Control Vulnerability.”

References

Related

saint 4
checkpoint_advisories 1
securityvulns 4
canvas 1
packetstorm 1
prion 2
nessus 3
cert 1
openvas 4
cve 1
f5 1
mskb 1
saint
saint
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
2009-07-07 00:00:00
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
2009-07-07 00:00:00
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
2009-07-07 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft DirectShow Video ActiveX Control Stack Buffer Overflow (CVE-2008-0015)
2009-07-07 00:00:00
securityvulns
securityvulns
Microsoft Video ActiveX code execution
2009-07-15 00:00:00
Microsoft Security Bulletin MS09-032 - Critical Cumulative Security Update of ActiveX Kill Bits (973346)
2009-07-14 00:00:00
US-CERT Technical Cyber Security Alert TA09-209A -- Microsoft Windows, Internet Explorer, and Active Template Library (ATL) Vulnerabilities
2009-07-29 00:00:00
canvas
canvas
Immunity Canvas: MS09_032
2009-07-07 23:30:00
packetstorm
packetstorm
Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
2009-11-26 00:00:00
prion
prion
Stack overflow
2009-07-07 23:30:00
Memory corruption
2009-07-07 23:30:00
nessus
nessus
MS09-032: Cumulative Security Update of ActiveX Kill Bits (973346)
2009-07-07 00:00:00
MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908)
2009-08-11 00:00:00
Windows Server 2008 Critical RCE Vulnerabilities (uncredentialed) (PCI/DSS)
2018-04-03 00:00:00
cert
cert
Microsoft Video ActiveX control stack buffer overflow
2009-07-06 00:00:00
openvas
openvas
Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
2009-07-09 00:00:00
Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
2009-07-09 00:00:00
Vulnerabilities in Microsoft ATL Could Allow Remote Code Execution (973908)
2009-08-14 00:00:00
cve
cve
CVE-2008-0020
2009-07-07 23:30:00
f5
f5
SOL10441 - Microsoft Active Template Library (ATL) vulnerabilities VU#456745
2009-08-17 00:00:00
mskb
mskb
MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) could allow remote code execution
2019-11-06 02:17:02

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

JSON
Related for CVE-2008-0015
saint4checkpoint_advisories1securityvulns4canvas1packetstorm1prion2nessus3cert1openvas4cve1f51mskb1