Microsoft Windows MSVidCtl Remote Buffer Overflow Vulnerability (0day)
Title : Microsoft Windows MSVidCtl Remote Buffer Overflow Vulnerability (0day)
VUPEN ID : VUPEN/ADV-2009-1787
CVE ID : GENERIC-MAP-NOMATCH
CWE ID : CWE-119
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2009-07-06
Technical Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a buffer overflow error in the ActiveX control for streaming video "MSVidCtl.dll" when reading a file containing overly long data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
Note: This vulnerability is currently being exploited in the wild.
Affected Products: Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista
Solution:
Set a kill bit for the CLSID {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF}.
VUPEN Security is not aware of any vendor-supplied patch.
Credits: Vulnerability discovered in the wild.
ChangeLog: 2009-07-06 : Initial release
http://www.vupen.com/english/advisories/2009/1787