Microsoft DirectX Media SDK DXTLIPI.DLL ActiveX缓冲区溢出漏洞

Microsoft DirectX Media SDK是一组底层应用程序编程接口API。 Microsoft DirectX Media SDK DXTLIP.DLL ActiveX控件存在缓冲区溢出，远程攻击者可以利用漏洞以链接此库的应用程序执行任意指令。 问题是DXTLIP.DLL ActiveX控件在处理"SourceUrl"方法时缺少充分的边界检查，提交超长字符串作为参数数据，并诱使用户访问，可导致缓冲区溢出，精心构建提交数据可能以链接此库的应用程序执行任意指令。 Microsoft DirectX Media SDK 6.0 目前没有详细解决方案提供：...

Buffer overflow

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 DirectTransform FlashPix ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value...

CVE-2007-4336

The CVE-2007-4336 entry concerns a buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control, packaged in DXTLIPI.DLL version 6.0.2.827 within Microsoft DirectX Media 6.0 SDK. The vulnerability arises from processing a long SourceU...