CVE-2007-4336

CVE Database · CVE-2007-4336

CVE-2007-4336

· N/AModified

CVSS v3.1

N/A

EPSS

50.71%

Published

Aug 14, 2007

Modified

Apr 22, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft DXMedia SDK 6 - 'SourceUrl' ActiveX Remote Code Execution TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

Affected Products (1)

microsoft · directx_mediavulnerable

References (16)

http://osvdb.org/36399

http://secunia.com/advisories/26426

Vendor Advisory

http://www.kb.cert.org/vuls/id/466601

US Government Resource

http://www.securityfocus.com/bid/25279

http://www.securitytracker.com/id?1018551

http://www.vupen.com/english/advisories/2007/2857

https://exchange.xforce.ibmcloud.com/vulnerabilities/35970

https://www.exploit-db.com/exploits/4279

http://osvdb.org/36399

http://secunia.com/advisories/26426

Vendor Advisory

http://www.kb.cert.org/vuls/id/466601

KEV Catalog EPSS Scores Vendors All CVEs