Vulnerability-Lookup

CVE-2008-0015 (GCVE-0-2008-0015)

Vulnerability from cvelistv5 – Published: 2009-07-07 23:00 – Updated: 2026-02-18 04:56

CISA KEV

Summary

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/35558	vdb-entryx_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA09-223A.html	third-party-advisoryx_refsource_CERT
	http://blogs.technet.com/srd/archive/2009/08/11/m…	x_refsource_MISC
	http://osvdb.org/55651	vdb-entryx_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/bid/35585	vdb-entryx_refsource_BID
	http://secunia.com/advisories/36187	third-party-advisoryx_refsource_SECUNIA
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.vupen.com/english/advisories/2009/2232	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1022514	vdb-entryx_refsource_SECTRACK
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799	x_refsource_MISC
	http://isc.sans.org/diary.html?storyid=6733	x_refsource_MISC
	http://www.us-cert.gov/cas/techalerts/TA09-187A.html	third-party-advisoryx_refsource_CERT
	http://www.microsoft.com/technet/security/advisor…	x_refsource_CONFIRM
	http://www.us-cert.gov/cas/techalerts/TA09-195A.html	third-party-advisoryx_refsource_CERT
	http://www.iss.net/threats/329.html	third-party-advisoryx_refsource_ISS
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.kb.cert.org/vuls/id/180513	third-party-advisoryx_refsource_CERT-VN

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: e563fed5-feee-43b8-83ce-b7ba88e67793

Vulnerability ID: CVE-2008-0015

Status: Confirmed

Status Updated: 2026-02-17 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2026-02-17

Asserted: 2026-02-17

Scope

Notes: KEV entry: Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability | Affected: Microsoft / Windows | Description: Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. | Due date: 2026-03-10 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://web.archive.org/web/20110305211119/https://www.microsoft.com/technet/security/bulletin/ms09-032.mspx ; https://nvd.nist.gov/vuln/detail/CVE-2008-0015

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Windows
Due Date	2026-03-10
Date Added	2026-02-17
Vendorproject	Microsoft
Vulnerabilityname	Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2008-0015

Created: 2026-02-18 06:44 UTC | Updated: 2026-02-18 06:44 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:32:23.333Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "35558",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35558"
          },
          {
            "name": "TA09-223A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
          },
          {
            "name": "55651",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/55651"
          },
          {
            "name": "oval:org.mitre.oval:def:6333",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
          },
          {
            "name": "35585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35585"
          },
          {
            "name": "36187",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36187"
          },
          {
            "name": "MS09-032",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
          },
          {
            "name": "oval:org.mitre.oval:def:7436",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
          },
          {
            "name": "ADV-2009-2232",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2232"
          },
          {
            "name": "1022514",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022514"
          },
          {
            "name": "MS09-037",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?storyid=6733"
          },
          {
            "name": "TA09-187A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
          },
          {
            "name": "TA09-195A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
          },
          {
            "name": "20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://www.iss.net/threats/329.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6363",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
          },
          {
            "name": "VU#180513",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/180513"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2008-0015",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-17T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-02-17",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-121",
                "description": "CWE-121 Stack-based Buffer Overflow",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-18T04:56:26.652Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-02-17T00:00:00.000Z",
            "value": "CVE-2008-0015 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "35558",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35558"
        },
        {
          "name": "TA09-223A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
        },
        {
          "name": "55651",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/55651"
        },
        {
          "name": "oval:org.mitre.oval:def:6333",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
        },
        {
          "name": "35585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35585"
        },
        {
          "name": "36187",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36187"
        },
        {
          "name": "MS09-032",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
        },
        {
          "name": "oval:org.mitre.oval:def:7436",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
        },
        {
          "name": "ADV-2009-2232",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2232"
        },
        {
          "name": "1022514",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022514"
        },
        {
          "name": "MS09-037",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?storyid=6733"
        },
        {
          "name": "TA09-187A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
        },
        {
          "name": "TA09-195A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
        },
        {
          "name": "20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://www.iss.net/threats/329.html"
        },
        {
          "name": "oval:org.mitre.oval:def:6363",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
        },
        {
          "name": "VU#180513",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/180513"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "35558",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35558"
            },
            {
              "name": "TA09-223A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
            },
            {
              "name": "55651",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/55651"
            },
            {
              "name": "oval:org.mitre.oval:def:6333",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
            },
            {
              "name": "35585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35585"
            },
            {
              "name": "36187",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36187"
            },
            {
              "name": "MS09-032",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
            },
            {
              "name": "oval:org.mitre.oval:def:7436",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
            },
            {
              "name": "ADV-2009-2232",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2232"
            },
            {
              "name": "1022514",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022514"
            },
            {
              "name": "MS09-037",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
            },
            {
              "name": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799",
              "refsource": "MISC",
              "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
            },
            {
              "name": "http://isc.sans.org/diary.html?storyid=6733",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?storyid=6733"
            },
            {
              "name": "TA09-187A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/972890.mspx",
              "refsource": "CONFIRM",
              "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
            },
            {
              "name": "TA09-195A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
            },
            {
              "name": "20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities",
              "refsource": "ISS",
              "url": "http://www.iss.net/threats/329.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6363",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
            },
            {
              "name": "VU#180513",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/180513"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0015",
    "datePublished": "2009-07-07T23:00:00.000Z",
    "dateReserved": "2007-12-13T00:00:00.000Z",
    "dateUpdated": "2026-02-18T04:56:26.652Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2008-0015",
      "dateAdded": "2026-02-17",
      "dueDate": "2026-03-10",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://web.archive.org/web/20110305211119/https://www.microsoft.com/technet/security/bulletin/ms09-032.mspx ; https://nvd.nist.gov/vuln/detail/CVE-2008-0015",
      "product": "Windows",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.",
      "vendorProject": "Microsoft",
      "vulnerabilityName": " Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*\", \"matchCriteriaId\": \"C0D88E59-0DDC-4AE0-83B8-0C9DADAB2733\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*\", \"matchCriteriaId\": \"4D5F7729-A095-43DF-BF2F-B4B6938087FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*\", \"matchCriteriaId\": \"1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \\\"Microsoft Video ActiveX Control Vulnerability.\\\"\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer basado en la pila MPEG2TuneRequest en la dll svidctl del control Microsoft Video ActiveX en Microsoft DirectShow para Windows 2000, XP, y Server 2003 permiten a atacantes remotos ejecutar c\\u00f3digo arbitrario a tra\\u00b4ves de p\\u00e1ginas web manipuladas, como se ha explotado libremente Julio de 2009.\"}]",
      "id": "CVE-2008-0015",
      "lastModified": "2024-11-21T00:40:58.793",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-07-07T23:30:00.187",
      "references": "[{\"url\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6733\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://osvdb.org/55651\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/36187\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.iss.net/threats/329.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/180513\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/35558\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/35585\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1022514\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2232\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6733\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://osvdb.org/55651\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/36187\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.iss.net/threats/329.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/180513\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/35558\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/35585\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1022514\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2232\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0015\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-07-07T23:30:00.187\",\"lastModified\":\"2026-02-17T21:16:49.580\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \\\"Microsoft Video ActiveX Control Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en la pila MPEG2TuneRequest en la dll svidctl del control Microsoft Video ActiveX en Microsoft DirectShow para Windows 2000, XP, y Server 2003 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a tra\u00b4ves de p\u00e1ginas web manipuladas, como se ha explotado libremente Julio de 2009.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-121\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*\",\"matchCriteriaId\":\"C0D88E59-0DDC-4AE0-83B8-0C9DADAB2733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*\",\"matchCriteriaId\":\"4D5F7729-A095-43DF-BF2F-B4B6938087FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*\",\"matchCriteriaId\":\"1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9\"}]}]}],\"references\":[{\"url\":\"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=6733\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://osvdb.org/55651\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36187\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.iss.net/threats/329.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/180513\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/972890.mspx\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35558\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/35585\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1022514\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2232\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=6733\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://osvdb.org/55651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/36187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.iss.net/threats/329.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/180513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/972890.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35558\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/35585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1022514\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/35558\", \"name\": \"35558\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\", \"name\": \"TA09-223A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://osvdb.org/55651\", \"name\": \"55651\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\", \"name\": \"oval:org.mitre.oval:def:6333\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/35585\", \"name\": \"35585\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/36187\", \"name\": \"36187\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\", \"name\": \"MS09-032\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\", \"name\": \"oval:org.mitre.oval:def:7436\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2232\", \"name\": \"ADV-2009-2232\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id?1022514\", \"name\": \"1022514\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\", \"name\": \"MS09-037\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6733\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\", \"name\": \"TA09-187A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://www.iss.net/threats/329.html\", \"name\": \"20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities\", \"tags\": [\"third-party-advisory\", \"x_refsource_ISS\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\", \"name\": \"oval:org.mitre.oval:def:6363\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/180513\", \"name\": \"VU#180513\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T07:32:23.333Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2008-0015\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-17T17:13:33.656738Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-02-17\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-121\", \"description\": \"CWE-121 Stack-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-17T17:02:57.445Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-02-17T00:00:00.000Z\", \"value\": \"CVE-2008-0015 added to CISA KEV\"}]}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2009-07-06T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/35558\", \"name\": \"35558\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\", \"name\": \"TA09-223A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://osvdb.org/55651\", \"name\": \"55651\", \"tags\": [\"vdb-entry\", \"x_refsource_OSVDB\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\", \"name\": \"oval:org.mitre.oval:def:6333\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.securityfocus.com/bid/35585\", \"name\": \"35585\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://secunia.com/advisories/36187\", \"name\": \"36187\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\", \"name\": \"MS09-032\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\", \"name\": \"oval:org.mitre.oval:def:7436\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2232\", \"name\": \"ADV-2009-2232\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.securitytracker.com/id?1022514\", \"name\": \"1022514\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\", \"name\": \"MS09-037\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6733\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\", \"name\": \"TA09-187A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://www.iss.net/threats/329.html\", \"name\": \"20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities\", \"tags\": [\"third-party-advisory\", \"x_refsource_ISS\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\", \"name\": \"oval:org.mitre.oval:def:6363\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/180513\", \"name\": \"VU#180513\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT-VN\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \\\"Microsoft Video ActiveX Control Vulnerability.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2018-10-12T19:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/35558\", \"name\": \"35558\", \"refsource\": \"BID\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-223A.html\", \"name\": \"TA09-223A\", \"refsource\": \"CERT\"}, {\"url\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"name\": \"http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx\", \"refsource\": \"MISC\"}, {\"url\": \"http://osvdb.org/55651\", \"name\": \"55651\", \"refsource\": \"OSVDB\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333\", \"name\": \"oval:org.mitre.oval:def:6333\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.securityfocus.com/bid/35585\", \"name\": \"35585\", \"refsource\": \"BID\"}, {\"url\": \"http://secunia.com/advisories/36187\", \"name\": \"36187\", \"refsource\": \"SECUNIA\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032\", \"name\": \"MS09-032\", \"refsource\": \"MS\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436\", \"name\": \"oval:org.mitre.oval:def:7436\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.vupen.com/english/advisories/2009/2232\", \"name\": \"ADV-2009-2232\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.securitytracker.com/id?1022514\", \"name\": \"1022514\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037\", \"name\": \"MS09-037\", \"refsource\": \"MS\"}, {\"url\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"name\": \"http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799\", \"refsource\": \"MISC\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=6733\", \"name\": \"http://isc.sans.org/diary.html?storyid=6733\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-187A.html\", \"name\": \"TA09-187A\", \"refsource\": \"CERT\"}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"name\": \"http://www.microsoft.com/technet/security/advisory/972890.mspx\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA09-195A.html\", \"name\": \"TA09-195A\", \"refsource\": \"CERT\"}, {\"url\": \"http://www.iss.net/threats/329.html\", \"name\": \"20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities\", \"refsource\": \"ISS\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363\", \"name\": \"oval:org.mitre.oval:def:6363\", \"refsource\": \"OVAL\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/180513\", \"name\": \"VU#180513\", \"refsource\": \"CERT-VN\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \\\"Microsoft Video ActiveX Control Vulnerability.\\\"\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2008-0015\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2008-0015\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-18T04:56:26.652Z\", \"dateReserved\": \"2007-12-13T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2009-07-07T23:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTA-2009-AVI-278

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans le contrôle ActiveX Microsoft Video permet à une personne distante malintentionnée d'exécuter du code arbitraire à distance.

Description

Une erreur dans le contrôle ActiveX Microsoft video (msvidctl.dll) en charge de la gestion du flux vidéo permet à une personne distante malintentionnée d'exécuter du code arbitraire via une page web spécialement construite. Ce correctif désactive automatiquement le contrôle ActiveX dans la base de registre, comme il était recommandé dans l'alerte CERTA-2009-ALE-010 (cf. section Documentation).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	Microsoft Windows Server 2003 ;
	Microsoft	Windows	Microsoft Windows XP.

References

Title

Publication Time

Tags

Bulletin de sécurité MS09-032 du 14 juillet 2009	None	vendor-advisory
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin d'alerte du CERTA CERTA-2009-ALE-010 du 07 juillet 2009:	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne erreur dans le contr\u00f4le ActiveX Microsoft video (msvidctl.dll) en\ncharge de la gestion du flux vid\u00e9o permet \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire via une page web\nsp\u00e9cialement construite. Ce correctif d\u00e9sactive automatiquement le\ncontr\u00f4le ActiveX dans la base de registre, comme il \u00e9tait recommand\u00e9\ndans l\u0027alerte CERTA-2009-ALE-010 (cf. section Documentation).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin d\u0027alerte du CERTA CERTA-2009-ALE-010 du 07 juillet    2009:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-010/index.html"
    }
  ],
  "reference": "CERTA-2009-AVI-278",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le contr\u00f4le \u003cspan class=\"textit\"\u003eActiveX\u003c/span\u003e\nMicrosoft Video permet \u00e0 une personne distante malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le contr\u00f4le ActiveX Microsoft Video",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 MS09-032 du 14 juillet 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-325

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités de la bibliothèque ATL de Windows permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités de la bibliothèque ATL (Active template library) de Windows ont été identifiées :

la première provient de la lecture sans filtrage de données non sûres ;
la seconde tire son origine de la copie de données non sûres ;
la troisième résulte du défaut d'initialisation d'un objet ;
la quatrième est liée à des erreurs dans certains en-têtes ATL ;
la cinquième provient d'un défaut de gestion de la mémoire.

Pour chacune de ces vulnérabilités, un utilisateur malveillant peut, par le biais d'une page web malveillante, exécuter du code arbitraire sur un système vulnérable avec les droits de l'utilisateur ;

Solution

Se référer au bulletin de sécurité MS09-037 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2008 et 2008 SP2 pour architecturess 32 bits, x64 et Itanium.
Microsoft	Windows	Windows Vista, Vista SP1 et SP2, y compris versions pour x64 ;
Microsoft	Windows	Windows XP S2, SP3 et Édition Media Center 2005 ;
Microsoft	Windows	Windows 2000 SP4 ;
Microsoft	Windows	Windows Server 2003 SP2, y compris versions pour x64 et Itanium ;
Microsoft	Windows	Windows XP Professionnel Édition x64 SP2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-037

2009-08-11

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2008 et 2008 SP2 pour architecturess 32 bits, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista, Vista SP1 et SP2, y compris versions pour x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP S2, SP3 et \u00c9dition Media Center 2005 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2000 SP4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 SP2, y compris versions pour x64 et Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Professionnel \u00c9dition x64 SP2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL (Active template\nlibrary) de Windows ont \u00e9t\u00e9 identifi\u00e9es\u00a0:\n\n-   la premi\u00e8re provient de la lecture sans filtrage de donn\u00e9es non\n    s\u00fbres ;\n-   la seconde tire son origine de la copie de donn\u00e9es non s\u00fbres ;\n-   la troisi\u00e8me r\u00e9sulte du d\u00e9faut d\u0027initialisation d\u0027un objet ;\n-   la quatri\u00e8me est li\u00e9e \u00e0 des erreurs dans certains en-t\u00eates ATL ;\n-   la cinqui\u00e8me provient d\u0027un d\u00e9faut de gestion de la m\u00e9moire.\n\nPour chacune de ces vuln\u00e9rabilit\u00e9s, un utilisateur malveillant peut, par\nle biais d\u0027une page web malveillante, ex\u00e9cuter du code arbitraire sur un\nsyst\u00e8me vuln\u00e9rable avec les droits de l\u0027utilisateur ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-037 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    },
    {
      "name": "CVE-2008-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0020"
    },
    {
      "name": "CVE-2009-2494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2494"
    },
    {
      "name": "CVE-2009-0901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0901"
    },
    {
      "name": "CVE-2009-2493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2493"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-325",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL de Windows permettent \u00e0\nun utilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": "2009-08-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-037",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx"
    }
  ]
}

CERTA-2009-AVI-278

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité dans le contrôle ActiveX Microsoft Video permet à une personne distante malintentionnée d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	Microsoft Windows Server 2003 ;
	Microsoft	Windows	Microsoft Windows XP.

References

Title

Publication Time

Tags

Bulletin de sécurité MS09-032 du 14 juillet 2009	None	vendor-advisory
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin d'alerte du CERTA CERTA-2009-ALE-010 du 07 juillet 2009:	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne erreur dans le contr\u00f4le ActiveX Microsoft video (msvidctl.dll) en\ncharge de la gestion du flux vid\u00e9o permet \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire via une page web\nsp\u00e9cialement construite. Ce correctif d\u00e9sactive automatiquement le\ncontr\u00f4le ActiveX dans la base de registre, comme il \u00e9tait recommand\u00e9\ndans l\u0027alerte CERTA-2009-ALE-010 (cf. section Documentation).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin d\u0027alerte du CERTA CERTA-2009-ALE-010 du 07 juillet    2009:",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ALE-010/index.html"
    }
  ],
  "reference": "CERTA-2009-AVI-278",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le contr\u00f4le \u003cspan class=\"textit\"\u003eActiveX\u003c/span\u003e\nMicrosoft Video permet \u00e0 une personne distante malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le contr\u00f4le ActiveX Microsoft Video",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 MS09-032 du 14 juillet 2009",
      "url": null
    }
  ]
}

CERTA-2009-AVI-325

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités de la bibliothèque ATL de Windows permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités de la bibliothèque ATL (Active template library) de Windows ont été identifiées :

la première provient de la lecture sans filtrage de données non sûres ;
la seconde tire son origine de la copie de données non sûres ;
la troisième résulte du défaut d'initialisation d'un objet ;
la quatrième est liée à des erreurs dans certains en-têtes ATL ;
la cinquième provient d'un défaut de gestion de la mémoire.

Solution

Se référer au bulletin de sécurité MS09-037 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Server 2008 et 2008 SP2 pour architecturess 32 bits, x64 et Itanium.
Microsoft	Windows	Windows Vista, Vista SP1 et SP2, y compris versions pour x64 ;
Microsoft	Windows	Windows XP S2, SP3 et Édition Media Center 2005 ;
Microsoft	Windows	Windows 2000 SP4 ;
Microsoft	Windows	Windows Server 2003 SP2, y compris versions pour x64 et Itanium ;
Microsoft	Windows	Windows XP Professionnel Édition x64 SP2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-037

2009-08-11

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Server 2008 et 2008 SP2 pour architecturess 32 bits, x64 et Itanium.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Vista, Vista SP1 et SP2, y compris versions pour x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP S2, SP3 et \u00c9dition Media Center 2005 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows 2000 SP4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 SP2, y compris versions pour x64 et Itanium ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Professionnel \u00c9dition x64 SP2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL (Active template\nlibrary) de Windows ont \u00e9t\u00e9 identifi\u00e9es\u00a0:\n\n-   la premi\u00e8re provient de la lecture sans filtrage de donn\u00e9es non\n    s\u00fbres ;\n-   la seconde tire son origine de la copie de donn\u00e9es non s\u00fbres ;\n-   la troisi\u00e8me r\u00e9sulte du d\u00e9faut d\u0027initialisation d\u0027un objet ;\n-   la quatri\u00e8me est li\u00e9e \u00e0 des erreurs dans certains en-t\u00eates ATL ;\n-   la cinqui\u00e8me provient d\u0027un d\u00e9faut de gestion de la m\u00e9moire.\n\nPour chacune de ces vuln\u00e9rabilit\u00e9s, un utilisateur malveillant peut, par\nle biais d\u0027une page web malveillante, ex\u00e9cuter du code arbitraire sur un\nsyst\u00e8me vuln\u00e9rable avec les droits de l\u0027utilisateur ;\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS09-037 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    },
    {
      "name": "CVE-2008-0020",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0020"
    },
    {
      "name": "CVE-2009-2494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2494"
    },
    {
      "name": "CVE-2009-0901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0901"
    },
    {
      "name": "CVE-2009-2493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2493"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-325",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-08-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL de Windows permettent \u00e0\nun utilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de la biblioth\u00e8que ATL de Microsoft Windows",
  "vendor_advisories": [
    {
      "published_at": "2009-08-11",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-037",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx"
    }
  ]
}

GHSA-H58H-8G45-V677

Vulnerability from github – Published: 2022-05-01 23:27 – Updated: 2026-02-17 21:31

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119",
      "CWE-121"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-07-07T23:30:00Z",
    "severity": "HIGH"
  },
  "details": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\"",
  "id": "GHSA-h58h-8g45-v677",
  "modified": "2026-02-17T21:31:12Z",
  "published": "2022-05-01T23:27:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0015"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015"
    },
    {
      "type": "WEB",
      "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
    },
    {
      "type": "WEB",
      "url": "http://isc.sans.org/diary.html?storyid=6733"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/55651"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36187"
    },
    {
      "type": "WEB",
      "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/threats/329.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/180513"
    },
    {
      "type": "WEB",
      "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35558"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35585"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022514"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2232"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTA-2009-ALE-010

Vulnerability from certfr_alerte - Published: - Updated:

Une vulnérabilité dans le contrôle ActiveX Microsoft Video permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Une erreur dans le contrôle ActiveX Microsoft Video (msvidctl.dll) en charge de la gestion de flux vidéo permet à une personne distante malintentionnée d'exécuter du code arbitraire via une page web spécialement construite.

Cette vulnérabilité est déjà exploitée sur l'Internet et ne necéssite pas forcément de contenu vidéo sur la page visitée.

Contournement provisoire

Les moyens de contournement suivants sont disponibles :

Microsoft a publié un contournement provisoire permettant de désactiver le contrôle ActiveX mis en cause. Une application est disponible sur le bulletin de sécurité Microsoft (cf. la section Documentation).

Afin de désactiver le contrôle ActiveX, il faut placer la valeur Compatibility Flags pour chaque Class Identifier suivants comme décrit ci-dessous :
```
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\
{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}]
"Compatibility Flags"=dword:00000400
```
Liste des Class Identifiers :

{011B3619-FE63-4814-8A84-15A194CE9CE3}

{0149EEDF-D08F-4142-8D73-D23903D21E90}

{0369B4E5-45B6-11D3-B650-00C04F79498E}

{0369B4E6-45B6-11D3-B650-00C04F79498E}

{055CB2D7-2969-45CD-914B-76890722F112}

{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}

{15D6504A-5494-499C-886C-973C9E53B9F1}

{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}

{1C15D484-911D-11D2-B632-00C04F79498E}

{1DF7D126-4050-47F0-A7CF-4C4CA9241333}

{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}

{334125C0-77E5-11D3-B653-00C04F79498E}

{37B0353C-A4C8-11D2-B634-00C04F79498E}

{37B03543-A4C8-11D2-B634-00C04F79498E}

{37B03544-A4C8-11D2-B634-00C04F79498E}

{418008F3-CF67-4668-9628-10DC52BE1D08}

{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}

{577FAA18-4518-445E-8F70-1473F8CF4BA4}

{59DC47A8-116C-11D3-9D8E-00C04F72D980}

{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}

{823535A0-0318-11D3-9D8E-00C04F72D980}

{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}

{8A674B4C-1F63-11D3-B64C-00C04F79498E}

{8A674B4D-1F63-11D3-B64C-00C04F79498E}

{9CD64701-BDF3-4D14-8E03-F12983D86664}

{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}

{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}

{A2E3074E-6C3D-11D3-B653-00C04F79498E}

{A2E30750-6C3D-11D3-B653-00C04F79498E}

{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}

{AD8E510D-217F-409B-8076-29C5E73B98E8}

{B0EDF163-910A-11D2-B632-00C04F79498E}

{B64016F3-C9A2-4066-96F0-BD9563314726}

{BB530C63-D9DF-4B49-9439-63453962E598}

{C531D9FD-9685-4028-8B68-6E1232079F1E}

{C5702CCC-9B79-11D3-B654-00C04F79498E}

{C5702CCD-9B79-11D3-B654-00C04F79498E}

{C5702CCE-9B79-11D3-B654-00C04F79498E}

{C5702CCF-9B79-11D3-B654-00C04F79498E}

{C5702CD0-9B79-11D3-B654-00C04F79498E}

{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}

{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}

{D02AAC50-027E-11D3-9D8E-00C04F72D980}

{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}

{FA7C375B-66A7-4280-879D-FD459C84BB02}

Remarque : Cette désactivation peut empêcher la visualisation de vidéos avec Internet Explorer.
utiliser un navigateur alternatif.

Rappel : d'une manière générale la désactivation des contrôles ActiveX par défaut reste une bonne pratique.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	Microsoft Windows Server 2003 ;
	Microsoft	Windows	Microsoft Windows XP.

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft 972890 du 06 juillet 2009	None	vendor-advisory
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Lien de téléchargement du contournement provisoire Microsoft :	-	other
Avis CERTA-2009-AVI-278 du 15 juillet 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-07-15",
  "content": "## Description\n\nUne erreur dans le contr\u00f4le ActiveX Microsoft Video (msvidctl.dll) en\ncharge de la gestion de flux vid\u00e9o permet \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire via une page web\nsp\u00e9cialement construite.\n\nCette vuln\u00e9rabilit\u00e9 est d\u00e9j\u00e0 exploit\u00e9e sur l\u0027Internet et ne nec\u00e9ssite\npas forc\u00e9ment de contenu vid\u00e9o sur la page visit\u00e9e.\n\n## Contournement provisoire\n\nLes moyens de contournement suivants sont disponibles :\n\n-   Microsoft a publi\u00e9 un contournement provisoire permettant de\n    d\u00e9sactiver le contr\u00f4le ActiveX mis en cause. Une application est\n    disponible sur le bulletin de s\u00e9curit\u00e9 Microsoft (cf. la section\n    Documentation).\n\n    Afin de d\u00e9sactiver le contr\u00f4le ActiveX, il faut placer la valeur\n    Compatibility Flags pour chaque Class Identifier suivants comme\n    d\u00e9crit ci-dessous :\n\n        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX Compatibility\\\n        {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}]\n        \"Compatibility Flags\"=dword:00000400\n\n    Liste des Class Identifiers :\n\n    {011B3619-FE63-4814-8A84-15A194CE9CE3}\n\n    {0149EEDF-D08F-4142-8D73-D23903D21E90}\n\n    {0369B4E5-45B6-11D3-B650-00C04F79498E}\n\n    {0369B4E6-45B6-11D3-B650-00C04F79498E}\n\n    {055CB2D7-2969-45CD-914B-76890722F112}\n\n    {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}\n\n    {15D6504A-5494-499C-886C-973C9E53B9F1}\n\n    {1BE49F30-0E1B-11D3-9D8E-00C04F72D980}\n\n    {1C15D484-911D-11D2-B632-00C04F79498E}\n\n    {1DF7D126-4050-47F0-A7CF-4C4CA9241333}\n\n    {2C63E4EB-4CEA-41B8-919C-E947EA19A77C}\n\n    {334125C0-77E5-11D3-B653-00C04F79498E}\n\n    {37B0353C-A4C8-11D2-B634-00C04F79498E}\n\n    {37B03543-A4C8-11D2-B634-00C04F79498E}\n\n    {37B03544-A4C8-11D2-B634-00C04F79498E}\n\n    {418008F3-CF67-4668-9628-10DC52BE1D08}\n\n    {4A5869CF-929D-4040-AE03-FCAFC5B9CD42}\n\n    {577FAA18-4518-445E-8F70-1473F8CF4BA4}\n\n    {59DC47A8-116C-11D3-9D8E-00C04F72D980}\n\n    {7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}\n\n    {823535A0-0318-11D3-9D8E-00C04F72D980}\n\n    {8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}\n\n    {8A674B4C-1F63-11D3-B64C-00C04F79498E}\n\n    {8A674B4D-1F63-11D3-B64C-00C04F79498E}\n\n    {9CD64701-BDF3-4D14-8E03-F12983D86664}\n\n    {9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}\n\n    {A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}\n\n    {A2E3074E-6C3D-11D3-B653-00C04F79498E}\n\n    {A2E30750-6C3D-11D3-B653-00C04F79498E}\n\n    {A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}\n\n    {AD8E510D-217F-409B-8076-29C5E73B98E8}\n\n    {B0EDF163-910A-11D2-B632-00C04F79498E}\n\n    {B64016F3-C9A2-4066-96F0-BD9563314726}\n\n    {BB530C63-D9DF-4B49-9439-63453962E598}\n\n    {C531D9FD-9685-4028-8B68-6E1232079F1E}\n\n    {C5702CCC-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCD-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCE-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCF-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CD0-9B79-11D3-B654-00C04F79498E}\n\n    {C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}\n\n    {CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}\n\n    {D02AAC50-027E-11D3-9D8E-00C04F72D980}\n\n    {F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}\n\n    {FA7C375B-66A7-4280-879D-FD459C84BB02}\n\n    Remarque : Cette d\u00e9sactivation peut emp\u00eacher la visualisation de\n    vid\u00e9os avec Internet Explorer.\n\n-   utiliser un navigateur alternatif.\n\nRappel : d\u0027une mani\u00e8re g\u00e9n\u00e9rale la d\u00e9sactivation des contr\u00f4les ActiveX\npar d\u00e9faut reste une bonne pratique.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Lien de t\u00e9l\u00e9chargement du contournement provisoire    Microsoft :",
      "url": "http://go.microsoft.com/?linkid=9672398"
    },
    {
      "title": "Avis CERTA-2009-AVI-278 du 15 juillet 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-278/index.html"
    }
  ],
  "reference": "CERTA-2009-ALE-010",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-07T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Microsoft MS09-032.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le contr\u00f4le \u003cspan class=\"textit\"\u003eActiveX\u003c/span\u003e\nMicrosoft Video permet \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le contr\u00f4le ActiveX Microsoft Video",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft 972890 du 06 juillet 2009",
      "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
    }
  ]
}

CERTA-2009-ALE-010

Vulnerability from certfr_alerte - Published: - Updated:

Une vulnérabilité dans le contrôle ActiveX Microsoft Video permet à une personne malintentionnée d'exécuter du code arbitraire à distance.

Description

Cette vulnérabilité est déjà exploitée sur l'Internet et ne necéssite pas forcément de contenu vidéo sur la page visitée.

Contournement provisoire

Les moyens de contournement suivants sont disponibles :

Microsoft a publié un contournement provisoire permettant de désactiver le contrôle ActiveX mis en cause. Une application est disponible sur le bulletin de sécurité Microsoft (cf. la section Documentation).

Afin de désactiver le contrôle ActiveX, il faut placer la valeur Compatibility Flags pour chaque Class Identifier suivants comme décrit ci-dessous :
```
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\
{XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}]
"Compatibility Flags"=dword:00000400
```
Liste des Class Identifiers :

{011B3619-FE63-4814-8A84-15A194CE9CE3}

{0149EEDF-D08F-4142-8D73-D23903D21E90}

{0369B4E5-45B6-11D3-B650-00C04F79498E}

{0369B4E6-45B6-11D3-B650-00C04F79498E}

{055CB2D7-2969-45CD-914B-76890722F112}

{0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}

{15D6504A-5494-499C-886C-973C9E53B9F1}

{1BE49F30-0E1B-11D3-9D8E-00C04F72D980}

{1C15D484-911D-11D2-B632-00C04F79498E}

{1DF7D126-4050-47F0-A7CF-4C4CA9241333}

{2C63E4EB-4CEA-41B8-919C-E947EA19A77C}

{334125C0-77E5-11D3-B653-00C04F79498E}

{37B0353C-A4C8-11D2-B634-00C04F79498E}

{37B03543-A4C8-11D2-B634-00C04F79498E}

{37B03544-A4C8-11D2-B634-00C04F79498E}

{418008F3-CF67-4668-9628-10DC52BE1D08}

{4A5869CF-929D-4040-AE03-FCAFC5B9CD42}

{577FAA18-4518-445E-8F70-1473F8CF4BA4}

{59DC47A8-116C-11D3-9D8E-00C04F72D980}

{7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}

{823535A0-0318-11D3-9D8E-00C04F72D980}

{8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}

{8A674B4C-1F63-11D3-B64C-00C04F79498E}

{8A674B4D-1F63-11D3-B64C-00C04F79498E}

{9CD64701-BDF3-4D14-8E03-F12983D86664}

{9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}

{A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}

{A2E3074E-6C3D-11D3-B653-00C04F79498E}

{A2E30750-6C3D-11D3-B653-00C04F79498E}

{A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}

{AD8E510D-217F-409B-8076-29C5E73B98E8}

{B0EDF163-910A-11D2-B632-00C04F79498E}

{B64016F3-C9A2-4066-96F0-BD9563314726}

{BB530C63-D9DF-4B49-9439-63453962E598}

{C531D9FD-9685-4028-8B68-6E1232079F1E}

{C5702CCC-9B79-11D3-B654-00C04F79498E}

{C5702CCD-9B79-11D3-B654-00C04F79498E}

{C5702CCE-9B79-11D3-B654-00C04F79498E}

{C5702CCF-9B79-11D3-B654-00C04F79498E}

{C5702CD0-9B79-11D3-B654-00C04F79498E}

{C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}

{CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}

{D02AAC50-027E-11D3-9D8E-00C04F72D980}

{F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}

{FA7C375B-66A7-4280-879D-FD459C84BB02}

Remarque : Cette désactivation peut empêcher la visualisation de vidéos avec Internet Explorer.
utiliser un navigateur alternatif.

Rappel : d'une manière générale la désactivation des contrôles ActiveX par défaut reste une bonne pratique.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	Windows	Microsoft Windows Server 2003 ;
	Microsoft	Windows	Microsoft Windows XP.

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft 972890 du 06 juillet 2009	None	vendor-advisory
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Bulletin de sécurité Microsoft MS09-032 du 14 juillet 2009 :	-	other
Lien de téléchargement du contournement provisoire Microsoft :	-	other
Avis CERTA-2009-AVI-278 du 15 juillet 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows XP.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2009-07-15",
  "content": "## Description\n\nUne erreur dans le contr\u00f4le ActiveX Microsoft Video (msvidctl.dll) en\ncharge de la gestion de flux vid\u00e9o permet \u00e0 une personne distante\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire via une page web\nsp\u00e9cialement construite.\n\nCette vuln\u00e9rabilit\u00e9 est d\u00e9j\u00e0 exploit\u00e9e sur l\u0027Internet et ne nec\u00e9ssite\npas forc\u00e9ment de contenu vid\u00e9o sur la page visit\u00e9e.\n\n## Contournement provisoire\n\nLes moyens de contournement suivants sont disponibles :\n\n-   Microsoft a publi\u00e9 un contournement provisoire permettant de\n    d\u00e9sactiver le contr\u00f4le ActiveX mis en cause. Une application est\n    disponible sur le bulletin de s\u00e9curit\u00e9 Microsoft (cf. la section\n    Documentation).\n\n    Afin de d\u00e9sactiver le contr\u00f4le ActiveX, il faut placer la valeur\n    Compatibility Flags pour chaque Class Identifier suivants comme\n    d\u00e9crit ci-dessous :\n\n        [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer\\ActiveX Compatibility\\\n        {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}]\n        \"Compatibility Flags\"=dword:00000400\n\n    Liste des Class Identifiers :\n\n    {011B3619-FE63-4814-8A84-15A194CE9CE3}\n\n    {0149EEDF-D08F-4142-8D73-D23903D21E90}\n\n    {0369B4E5-45B6-11D3-B650-00C04F79498E}\n\n    {0369B4E6-45B6-11D3-B650-00C04F79498E}\n\n    {055CB2D7-2969-45CD-914B-76890722F112}\n\n    {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}\n\n    {15D6504A-5494-499C-886C-973C9E53B9F1}\n\n    {1BE49F30-0E1B-11D3-9D8E-00C04F72D980}\n\n    {1C15D484-911D-11D2-B632-00C04F79498E}\n\n    {1DF7D126-4050-47F0-A7CF-4C4CA9241333}\n\n    {2C63E4EB-4CEA-41B8-919C-E947EA19A77C}\n\n    {334125C0-77E5-11D3-B653-00C04F79498E}\n\n    {37B0353C-A4C8-11D2-B634-00C04F79498E}\n\n    {37B03543-A4C8-11D2-B634-00C04F79498E}\n\n    {37B03544-A4C8-11D2-B634-00C04F79498E}\n\n    {418008F3-CF67-4668-9628-10DC52BE1D08}\n\n    {4A5869CF-929D-4040-AE03-FCAFC5B9CD42}\n\n    {577FAA18-4518-445E-8F70-1473F8CF4BA4}\n\n    {59DC47A8-116C-11D3-9D8E-00C04F72D980}\n\n    {7F9CB14D-48E4-43B6-9346-1AEBC39C64D3}\n\n    {823535A0-0318-11D3-9D8E-00C04F72D980}\n\n    {8872FF1B-98FA-4D7A-8D93-C9F1055F85BB}\n\n    {8A674B4C-1F63-11D3-B64C-00C04F79498E}\n\n    {8A674B4D-1F63-11D3-B64C-00C04F79498E}\n\n    {9CD64701-BDF3-4D14-8E03-F12983D86664}\n\n    {9E77AAC4-35E5-42A1-BDC2-8F3FF399847C}\n\n    {A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980}\n\n    {A2E3074E-6C3D-11D3-B653-00C04F79498E}\n\n    {A2E30750-6C3D-11D3-B653-00C04F79498E}\n\n    {A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE}\n\n    {AD8E510D-217F-409B-8076-29C5E73B98E8}\n\n    {B0EDF163-910A-11D2-B632-00C04F79498E}\n\n    {B64016F3-C9A2-4066-96F0-BD9563314726}\n\n    {BB530C63-D9DF-4B49-9439-63453962E598}\n\n    {C531D9FD-9685-4028-8B68-6E1232079F1E}\n\n    {C5702CCC-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCD-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCE-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CCF-9B79-11D3-B654-00C04F79498E}\n\n    {C5702CD0-9B79-11D3-B654-00C04F79498E}\n\n    {C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7}\n\n    {CAAFDD83-CEFC-4E3D-BA03-175F17A24F91}\n\n    {D02AAC50-027E-11D3-9D8E-00C04F72D980}\n\n    {F9769A06-7ACA-4E39-9CFB-97BB35F0E77E}\n\n    {FA7C375B-66A7-4280-879D-FD459C84BB02}\n\n    Remarque : Cette d\u00e9sactivation peut emp\u00eacher la visualisation de\n    vid\u00e9os avec Internet Explorer.\n\n-   utiliser un navigateur alternatif.\n\nRappel : d\u0027une mani\u00e8re g\u00e9n\u00e9rale la d\u00e9sactivation des contr\u00f4les ActiveX\npar d\u00e9faut reste une bonne pratique.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-0015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-0015"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-032 du 14 juillet 2009    :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-032.mspx"
    },
    {
      "title": "Lien de t\u00e9l\u00e9chargement du contournement provisoire    Microsoft :",
      "url": "http://go.microsoft.com/?linkid=9672398"
    },
    {
      "title": "Avis CERTA-2009-AVI-278 du 15 juillet 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-AVI-278/index.html"
    }
  ],
  "reference": "CERTA-2009-ALE-010",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-07T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Microsoft MS09-032.",
      "revision_date": "2009-07-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le contr\u00f4le \u003cspan class=\"textit\"\u003eActiveX\u003c/span\u003e\nMicrosoft Video permet \u00e0 une personne malintentionn\u00e9e d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le contr\u00f4le ActiveX Microsoft Video",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft 972890 du 06 juillet 2009",
      "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
    }
  ]
}

GSD-2008-0015

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2008-0015

Aliases

CVE-2008-0015

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0015",
    "description": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\"",
    "id": "GSD-2008-0015",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2008-0015"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0015"
      ],
      "details": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\"",
      "id": "GSD-2008-0015",
      "modified": "2023-12-13T01:22:58.623372Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-0015",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "35558",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35558"
          },
          {
            "name": "TA09-223A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
          },
          {
            "name": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx",
            "refsource": "MISC",
            "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
          },
          {
            "name": "55651",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/55651"
          },
          {
            "name": "oval:org.mitre.oval:def:6333",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
          },
          {
            "name": "35585",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/35585"
          },
          {
            "name": "36187",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36187"
          },
          {
            "name": "MS09-032",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
          },
          {
            "name": "oval:org.mitre.oval:def:7436",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
          },
          {
            "name": "ADV-2009-2232",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/2232"
          },
          {
            "name": "1022514",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022514"
          },
          {
            "name": "MS09-037",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
          },
          {
            "name": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799",
            "refsource": "MISC",
            "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
          },
          {
            "name": "http://isc.sans.org/diary.html?storyid=6733",
            "refsource": "MISC",
            "url": "http://isc.sans.org/diary.html?storyid=6733"
          },
          {
            "name": "TA09-187A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
          },
          {
            "name": "http://www.microsoft.com/technet/security/advisory/972890.mspx",
            "refsource": "CONFIRM",
            "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
          },
          {
            "name": "TA09-195A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
          },
          {
            "name": "20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities",
            "refsource": "ISS",
            "url": "http://www.iss.net/threats/329.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6363",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
          },
          {
            "name": "VU#180513",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/180513"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0015"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://isc.sans.org/diary.html?storyid=6733",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://isc.sans.org/diary.html?storyid=6733"
            },
            {
              "name": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
            },
            {
              "name": "20090706 Multiple Microsoft Video Control ActiveX Remote Code Execution Vulnerabilities",
              "refsource": "ISS",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.iss.net/threats/329.html"
            },
            {
              "name": "http://www.microsoft.com/technet/security/advisory/972890.mspx",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
            },
            {
              "name": "35558",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/35558"
            },
            {
              "name": "35585",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/35585"
            },
            {
              "name": "1022514",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022514"
            },
            {
              "name": "55651",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/55651"
            },
            {
              "name": "VU#180513",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/180513"
            },
            {
              "name": "TA09-187A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
            },
            {
              "name": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx",
              "refsource": "MISC",
              "tags": [],
              "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
            },
            {
              "name": "ADV-2009-2232",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/2232"
            },
            {
              "name": "36187",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36187"
            },
            {
              "name": "TA09-223A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
            },
            {
              "name": "TA09-195A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:7436",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
            },
            {
              "name": "oval:org.mitre.oval:def:6363",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
            },
            {
              "name": "oval:org.mitre.oval:def:6333",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
            },
            {
              "name": "MS09-037",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
            },
            {
              "name": "MS09-032",
              "refsource": "MS",
              "tags": [],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-12T21:44Z",
      "publishedDate": "2009-07-07T23:30Z"
    }
  }
}

FKIE_CVE-2008-0015

Vulnerability from fkie_nvd - Published: 2009-07-07 23:30 - Updated: 2026-02-17 21:16

CISA KEV

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx
cve@mitre.org	http://isc.sans.org/diary.html?storyid=6733	Exploit
cve@mitre.org	http://osvdb.org/55651
cve@mitre.org	http://secunia.com/advisories/36187
cve@mitre.org	http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799	Exploit
cve@mitre.org	http://www.iss.net/threats/329.html	Exploit
cve@mitre.org	http://www.kb.cert.org/vuls/id/180513	US Government Resource
cve@mitre.org	http://www.microsoft.com/technet/security/advisory/972890.mspx	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/35558
cve@mitre.org	http://www.securityfocus.com/bid/35585
cve@mitre.org	http://www.securitytracker.com/id?1022514
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-187A.html	US Government Resource
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-195A.html	US Government Resource
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA09-223A.html	US Government Resource
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2232
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx
af854a3a-2127-422b-91ae-364da2661108	http://isc.sans.org/diary.html?storyid=6733	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/55651
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36187
af854a3a-2127-422b-91ae-364da2661108	http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/threats/329.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/180513	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/972890.mspx	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35558
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35585
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022514
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-187A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-195A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA09-223A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2232
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015

Impacted products

Vendor	Product	Version
microsoft	windows_2003_server	-
microsoft	windows_2003_server	-
microsoft	windows_2003_server	-
microsoft	windows_xp	*
microsoft	windows_xp	-
microsoft	windows_xp	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium:*:*:*:*:*",
              "matchCriteriaId": "C0D88E59-0DDC-4AE0-83B8-0C9DADAB2733",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*",
              "matchCriteriaId": "4D5F7729-A095-43DF-BF2F-B4B6938087FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*",
              "matchCriteriaId": "1AB9988B-5A9C-4F6D-BCCC-4D03AC6E4CF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "C9392D35-7BF5-48E9-879B-BBDE9A9E9AB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka \"Microsoft Video ActiveX Control Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la pila MPEG2TuneRequest en la dll svidctl del control Microsoft Video ActiveX en Microsoft DirectShow para Windows 2000, XP, y Server 2003 permiten a atacantes remotos ejecutar c\u00f3digo arbitrario a tra\u00b4ves de p\u00e1ginas web manipuladas, como se ha explotado libremente Julio de 2009."
    }
  ],
  "id": "CVE-2008-0015",
  "lastModified": "2026-02-17T21:16:49.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2009-07-07T23:30:00.187",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://isc.sans.org/diary.html?storyid=6733"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/55651"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/36187"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.iss.net/threats/329.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/180513"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35558"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/35585"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1022514"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/2232"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://isc.sans.org/diary.html?storyid=6733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/55651"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.iss.net/threats/329.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/180513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/972890.mspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35585"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-187A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA09-223A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2232"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-121"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-0015 (GCVE-0-2008-0015)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Contournement provisoire

Solution

Description

Contournement provisoire

Solution

Tags

Sightings

Nomenclature