N/A

Unspecified vulnerability in the Load method in the IPersistStreamInit interface in the Active Template Library (ATL), as used in the Microsoft Video ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption, aka "ATL Header Memcopy Vulnerability," a different vulnerability than CVE-2008-0015.

N/A

N/A

Microsoft DirectShow IPersistStreamInit 组件栈溢出漏洞

Microsoft Windows是微软发布的非常流行的操作系统，DirectShow用于在Windows操作系统中处理流媒体 。 DirectShow(msvidctl.dll)的IPersistStreamInit组件中存在栈溢出漏洞。此漏洞可以通过IE浏览器远程利用，如果用户受骗访问了恶意网页并打开读取MPEG-2文件的话，就可能触发这个溢出，导致执行任意指令。目前这个漏洞正在被广泛的用于挂马攻击。

N/A

N/A