cbcvebase.
CVE-2007-4336
published 2007-08-14


Priority: P3 36
CVSS 2.0: 4.3 (medium), vector AV:N/AC:M/Au:N/C:N/I:N/A:P
Tags: EXPLOIT
EPSS: 50.71% (98.8th percentile)
Buffer overflow in the Live Picture Corporation DXSurface.LivePicture.FlashPix.1 (DirectTransform FlashPix) ActiveX control in DXTLIPI.DLL 6.0.2.827, as packaged in Microsoft DirectX Media 6.0 SDK, allows remote attackers to execute arbitrary code via a long SourceUrl property value.

Affected (1 range)

Vendor: microsoft
Product: directx_media
Version range: not listed
Fixed in: not listed

Detection & IOCs (extracted from sources)

filename: DXTLIPI.DLL
version: DXTLIPI.DLL 6.0.2.827
other: DXSurface.LivePicture.FlashPix.1
bytes: %u0D0D%u0D0D
  • Heap spray targets the fixed address 0x0D0D0D0D using NOP sled pattern 0x0D0D0D0D; detect large allocations of repeated \x0D\x0D\x0D\x0D bytes in browser heap memory as an indicator of this exploit.
  • Monitor instantiation of the ProgID 'DXSurface.LivePicture.FlashPix.1' (CLSID in DXTLIPI.DLL) via ActiveX in Internet Explorer; any web page instantiating this control and setting a long SourceUrl property should be treated as suspicious.
  • Exploit was tested specifically against Internet Explorer 6 on Windows XP SP2; behavior on other browsers or OS versions is not confirmed by the source.