CVE-2007-4336

Currently unrated

Key Information:

Vendor: Microsoft
Status: Directx Media
Vendor: CVE Published:; 14 August 2007

Summary

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35970

vdb-entryx_refsource_XF

https://www.exploit-db.com/exploits/4279

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2007/2857

vdb-entryx_refsource_VUPEN

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 14, 2007
Vulnerability Reserved
Aug 14, 2007

Collectors

NVD DatabaseMitre Database