M32 Security » buffer overflow attack http://m32consulting.com Network Security Info, News, and Resources Fri, 30 Jul 2010 04:55:42 +0000 en hourly 1 Microsoft DirectShow ActiveX Buffer Overflow exploit in the wildhttp://m32consulting.com/2009/07/microsoft-directshow-activex-buffer-overflow-exploit-in-the-wild/ http://m32consulting.com/2009/07/microsoft-directshow-activex-buffer-overflow-exploit-in-the-wild/#comments Mon, 06 Jul 2009 17:50:48 +0000 Kyle http://m32consulting.com/?p=37 Be sure to check for patches and network security appliance definitions/signatures today, Microsoft has been reminded again of why people hate ActiveX; Secunia is reporting a nasty new DirectShow Buffer Overflow attack is in the wild. This one is very dangerous, as it exploits the built-in DirectShow control in Internet Explorer (msvidctl.dll) by using specially-crafted image content to create a boundary error and subsequently cause a stack-based buffer overflow allowing the attacker to execute arbitrary code on the compromised machine.

The worst part? It’s already being actively used by bad people. Although Secunia’s site currently shows Windows XP as the only OS vulnerable, I wouldn’t be surprised to see more versions of Windows tacked on in the near future.

More information can be found here.

]]> http://m32consulting.com/2009/07/microsoft-directshow-activex-buffer-overflow-exploit-in-the-wild/feed/ 0