Vulnerability Name: CVE-2008-0015 (CCN-40693) Assigned: 2007-12-13 Published: 2009-07-06 Updated: 2018-10-12 Summary: Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 8.1 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 8.1 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: MISChttp://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx CVE-2008-0015 http://isc.sans.org/diary.html?storyid=6733 55651 Microsoft DirectShow Streaming Video ActiveX Control Vulnerabilities Microsoft Windows Various Components ATL Vulnerabilities 36187 Microsoft DirectShow Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code MS09-032 Cumulative Security Update of ActiveX Kill Bits (973346) http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities 20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities Microsoft Video ActiveX control stack buffer overflow VU#180513 Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution http://www.microsoft.com/technet/security/advisory/972890.mspx Cumulative Security Update of ActiveX Kill Bits (973346) Microsoft DirectShow Video Streaming ActiveX (msvidctl.dll) IMPEG2TuneRequest DirectX Object Interface Overflow 35558 Microsoft Active Template Library Header Data Remote Code Execution Vulnerability 35585 Microsoft Active Template Library 'IPersistStreamInit' Remote Code Execution Vulnerability 1022514 TA09-187A TA09-195A TA09-223A ADV-2009-2232 MS09-032 MS09-037 win-msvidctl-bo(40693) oval:org.mitre.oval:def:6333 oval:org.mitre.oval:def:6363 oval:org.mitre.oval:def:7436 Vulnerable Configuration: Configuration 1 :cpe:/o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:-:sp3:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:* OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_xp:2005:sp3:media_center:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:itanium:*:*:*:*:* OR cpe:/o:microsoft:windows:server_2003:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:*:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:itanium:* OR cpe:/o:microsoft:windows_server_2008:*:*:*:*:*:*:x32:* OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:* OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* OR cpe:/o:microsoft:windows_server_2008:*:sp2:*:*:*:*:itanium:* Oval Definitions BACK
microsoft windows 2003 server - sp2
microsoft windows 2003 server - sp2
microsoft windows 2003 server - sp2
microsoft windows xp * sp2
microsoft windows xp - sp2
microsoft windows xp - sp3
microsoft windows 2000 - sp4
microsoft windows xp sp2
microsoft windows xp 2005 sp3
microsoft windows vista *
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows server_2003 sp2
microsoft windows vista -
microsoft windows xp sp2
microsoft windows vista - sp1
microsoft windows vista - sp1
microsoft windows server 2008 -
microsoft windows server 2008 -
microsoft windows xp sp3
microsoft windows vista - sp2
microsoft windows vista - sp2
microsoft windows server 2008 sp2
microsoft windows server 2008
Denotes that component is vulnerable