CVE-2007-4336

{"id": "CVE-2007-4336", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-08-14T18:17:00.000", "references": [{"url": "http://osvdb.org/36399", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/26426", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/466601", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/25279", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018551", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/2857", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35970", "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/4279", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/36399", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/26426", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/466601", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/25279", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1018551", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2007/2857", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35970", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/4279", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en el control ActiveX Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) de DXTLIPI.DLL 6.0.2.827, como el empaquetado en Microsoft DirectX Media 6.0 SDK, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante valor de la propiedad SourceUrl largo."}], "lastModified": "2024-11-21T00:35:20.980", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:directx_media:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC36A9CA-FB6B-422B-A246-F0A6A8820656"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}