296 matches found
Internet Explorer 7 Overflow
!/usr/bin/env python MS Internet Explorer 7 DirectShow msvidctl.dll Heap Spray Advisory 972890 Written by SecureState R&D Team Authors: David Kennedy ReL1K, John Melvin Whipsmack, Steve Austin http://www.securestate.com win32bind EXITFUNC=seh LPORT=5500 Size=314 Encoder=ShikataGaNai Shell=bind...
Microsoft to Release Patches for Two Video Control Flaws
Microsoft’s July Patch Tuesday release will include a fix for the DirectShow vulnerability that was revealed in May, and the software giant said it likely will also have a patch available for a related flaw in the MsVidCtl ActiveX control that became public earlier this week and has been under...
Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
This host is installed with Microsoft Video ActiveX Control and is prone to Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmsvideoactvxbofvulnjul09.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability Authors: Sharath S...
Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
This module exploits a memory corruption within the MSVidCtl component of Microsoft DirectShow BDATuner.MPEG2TuneRequest. By loading a specially crafted GIF file, an attacker can overrun a buffer and execute arbitrary code. ClassID is now configurable via an advanced option otherwise randomized -...
Immunity Canvas: MS09_032
Name| ms09032 ---|--- CVE| CVE-2008-0015 Exploit Pack| CANVAS Description| Microsoft DirectShow msvidctl.dll Vulnerability Notes| CVE Name: CVE-2008-0015 Vendor: Microsoft Notes: Tested against a Windows XP SP2 & SP3 English, German & Simplified Chinese with IE 6. IE 7 asks for confirmation befor...
CVE-2008-0015
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
Stack overflow
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
CVE-2008-0015
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
CVE-2008-0020
Technical details about CVE-2008-0020 are not publicly available in the provided connected documents. Monitor for updates as new information becomes public.
CVE-2008-0015
CVE-2008-0015 is a stack-based buffer overflow in ATL’s CComVariant::ReadFromStream used by the MPEG2TuneRequest ActiveX control in msvidctl.dll (DirectShow). The vulnerability affects multiple Windows versions (2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2) and allows rem...
PT-2009-1181
Name of the Vulnerable Software and Affected Versions Microsoft Windows versions 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 Description A stack-based buffer overflow exists in the CComVariant::ReadFromStream function within the Active Templat...
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...
Microsoft DirectShow Video ActiveX Control Stack Buffer Overflow (CVE-2008-0015)
The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. A stack buffer overflow vulnerability has been discovered in Microsoft DirectShow. The flaw is in the way Microsoft Video ActiveX contro...
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...
Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow
Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...
DirectShow msvidctl.dll组件解析畸形MPEG2视频格式文件溢出漏洞
“MPEG-2标准”制定于1994年,设计目标是高级工业标准的图象质量以及更高的传输率。MPEG-2所能提供每秒钟3兆到10兆的传输率,其在NTSC制式下的分辨率可达720X486。由于出色的性能表现,MPEG-2被用作DVD的指定标准外,并适用于HDTV高清电视。此外,MPEG-2还广泛用于为广播、有线电视网、电缆网络以及卫星直播提供广播级的数字视频。 是DirectShow相关msvidctl.dll组件解析畸形MPEG2视频格式文件触发溢出,攻击者可以使用普通的javascript堆喷射方式远程执行任意代码。 Windows...
Microsoft DirectShow MPEG2TuneRequest Stack Overflow Exploit-vulnerability warning-the black bar safety net
The legendary rate is 6 0 per cent. Source: Xeye Microsoft DirectShow presence may be remotely exploitable stack overflow vulnerability. The key code is as follows: -------------------------The following contents are in danger, only for research use-------------- var appllaa='0'; var...
Password Stealers Riding Along with DirectShow Exploits
On May 28, our colleagues at The Microsoft Security Response Center released advisory 971778 which elaborated on a new vulnerability in Microsoft DirectShow effecting Windows 2000, Windows XP and Windows Server 2003. You can obtain more details on how to protect your environment from this...
Inside Patch Tuesday: MS patches IIS WebDav, PWN2OWN flaws
Microsoft released 10 security bulletins today. Six of the bulletins impact the Windows operating system, while one applies to the Internet Explorer browser and three affects Microsoft Office Word, Excel, Works. Some interesting notes for today: 1. Microsoft has patched the IIS WebDav 0-day. This...