CVE-2007-4336

medium Microsoft
CVSS v3 Base Score
4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS Score
76.6%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
P
Published: August 14, 2007 (6848 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

CWE

NVD-CWE-Other

Affected Products

microsoft directx media

References

🔗 osvdb.org 🔗 secunia.com 🔗 www.kb.cert.org 🔗 www.securityfocus.com 🔗 www.securitytracker.com