CVE-2007-4336

Sažetak

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

Reference

http://osvdb.org/36399
http://secunia.com/advisories/26426
http://www.kb.cert.org/vuls/id/466601
http://www.securityfocus.com/bid/25279
http://www.securitytracker.com/id?1018551
http://www.vupen.com/english/advisories/2007/2857
https://exchange.xforce.ibmcloud.com/vulnerabilities/35970
https://www.exploit-db.com/exploits/4279

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

29-09-2017 - 01:29

Objavljeno

14-08-2007 - 18:17