CVE-2006-4183

Currently unrated

Key Information:

Vendor: Microsoft
Status: Directx Sdk
Vendor: CVE Published:; 18 July 2007

Summary

Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.

References

http://www.reversemode.com/index.php?option=com_remositor...

x_refsource_MISC

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://www.securitytracker.com/id?1018420

vdb-entryx_refsource_SECTRACK

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 18, 2007
Vulnerability Reserved
Aug 16, 2006

Collectors

NVD DatabaseMitre Database