← back
CVE-2008-0015

CVE-2008-0015

CVSS 8.8 HIGHEPSS 76.6%● KEVCWE-121
In short

A bug in Microsoft's video player component allows attackers to run malicious code on your computer when you visit a specially crafted webpage. The flaw lets attackers overflow a memory buffer to inject and execute harmful instructions.

Technical detail

Stack-based buffer overflow in CComVariant::ReadFromStream within ATL's MPEG2TuneRequest ActiveX control (msvidctl.dll). Remote attackers can exploit this via crafted web content to achieve arbitrary code execution; exploitation requires user interaction (visiting a malicious page) and affects Windows 2000 SP4 through Vista SP2 and Server 2008.

Summary generated and translated by AI from the official description.
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found2
exploitdbwww.exploit-db.com/exploits/16615unverifiedexploitdbwww.exploit-db.com/exploits/9108unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspxhttp://isc.sans.org/diary.html?storyid=6733http://osvdb.org/55651https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037http://secunia.com/advisories/36187https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799http://www.iss.net/threats/329.html