Public exploits available
On this page
A remote code execution vulnerability exists in the Microsoft Video ActiveX Control, msvidctl.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page.
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Technical details (analysis)
The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. It is the main component that Microsoft Windows Media Center uses to build filter graphs for recording and playing television video. When the Microsoft Video ActiveX Control is instantiated in Internet Explorer, the control may corrupt the system state in such a way that an attacker could run arbitrary code. An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. This can also include compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites.
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2 and Windows XP Service Pack 3
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 with SP2 for Itanium-based Systems
Microsoft Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Microsoft Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Microsoft Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Microsoft Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
All applications not on the affected list.
Release Date: 2009-08-06T00:00:00
Known false positives
No known false positives at this time.
No known work-arounds at this time.