CVE Vulnerability

CVE-2007-4336

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.kb.cert.org/vuls/id/466601 US Government Resource
http://secunia.com/advisories/26426 Vendor Advisory
http://www.securityfocus.com/bid/25279
http://www.securitytracker.com/id?1018551
http://osvdb.org/36399
http://www.vupen.com/english/advisories/2007/2857
https://exchange.xforce.ibmcloud.com/vulnerabilities/35970
https://www.exploit-db.com/exploits/4279
Configurations

Configuration 1

cpe:2.3:a:microsoft:directx_media:6.0:*:*:*:*:*:*:*
Information

Published : 2007-08-14 06:17

Updated : 2017-09-29 01:29

NVD link : CVE-2007-4336

Mitre link : CVE-2007-4336

Products Affected
No products.
CWE
NVD-CWE-Other