|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-07-06 | |
| Rule Name: | Microsoft DXMedia SDK 6 SourceUrl ActiveX Remote Code Execution Vulnerability (CVE-2007-4336) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:25279 ExploitDB:4279 http://www.kb.cert.org/vuls/id/466601 SecurityTrackerID:1018551 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.microsoft.com/technet/security/ |