14 matches found
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 CVSS score: 8.8 - A use-after-free...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2008-0015link is external Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability CVE-2020-7796link is external Synacor Zimbra Collaboratio...
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully...
MS09-055: Cumulative Security Update of ActiveX Kill Bits
Resolves a vulnerability that is currently being exploited in Microsoft Video ActiveX Control that could allow remote code execution if a user views a specially crafted Web page by using Internet Explorer, instantiating the ActiveX control.INTRODUCTIONMicrosoft has released security bulletin...
MS Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit
Exploit for windows platform in category remote exploits =================================================================== MS Internet Explorer 7 Video ActiveX Remote Buffer Overflow Exploit =================================================================== !/usr/bin/env python MS Internet...
Microsoft Video ActiveX Control 'msvidctl.dll' BOF Vulnerability
Microsoft Video ActiveX Control is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2008-0015
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
Stack overflow
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
CVE-2008-0020
Technical details about CVE-2008-0020 are not publicly available in the provided connected documents. Monitor for updates as new information becomes public.
CVE-2008-0015
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library ATL, as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold...
CVE-2008-0015
CVE-2008-0015 is a stack-based buffer overflow in ATL’s CComVariant::ReadFromStream used by the MPEG2TuneRequest ActiveX control in msvidctl.dll (DirectShow). The vulnerability affects multiple Windows versions (2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2) and allows rem...
Microsoft DirectShow Video ActiveX Control Stack Buffer Overflow (CVE-2008-0015)
The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. A stack buffer overflow vulnerability has been discovered in Microsoft DirectShow. The flaw is in the way Microsoft Video ActiveX contro...
VulnCheck KEV: CVE-2008-0015
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully...
US-CERT Technical Cyber Security Alert TA09-187A -- Microsoft Video ActiveX Control Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-187A Microsoft Video ActiveX Control Vulnerability Original release date: July 06, 2009 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows XP Microsoft Windows Server 200...