CVE-2007-4336 Information

Description

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827 as packaged in Microsoft DirectX Media 6.0 SDK allows remote attackers to execute arbitrary code via a long SourceUrl property value.

Reference

http://osvdb.org/36399 http://secunia.com/advisories/26426 http://www.kb.cert.org/vuls/id/466601 http://www.securityfocus.com/bid/25279 http://www.securitytracker.com/id?1018551 http://www.vupen.com/english/advisories/2007/2857 https://exchange.xforce.ibmcloud.com/vulnerabilities/35970 https://www.exploit-db.com/exploits/4279