Heap-based Buffer Overflow in Microsoft ActiveX Control
CVE-2008-4255
Currently unrated
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 10 December 2008
What is CVE-2008-4255?
This vulnerability is caused by a heap-based buffer overflow in the mscomct2.ocx ActiveX control, which affects several Microsoft products. When a specially crafted AVI file with an incorrect stream length is processed, it leads to an allocation error resulting in memory corruption. Attackers can exploit this vulnerability remotely, allowing them to execute arbitrary code on the compromised system.