CVE-2006-4183
Microsoft DirectX SDK - Heap-Based Buffer Overflow via Crafted Targa File
Title source: llmDescription
Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compression that produces more data than expected when decoding.
References (8)
Core 8
Core References
Various Sources x_refsource_misc
http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=52
Third Party Advisory third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=562
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1018420
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24963
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35492
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26131
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/474058/100/0/threaded
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2577
Scores
EPSS
0.0816
EPSS Percentile
94.2%
Details
CWE
CWE-119
Status
published
Products (1)
microsoft/directx_sdk
february_2006
Published
Jul 18, 2007
Tracked Since
Feb 18, 2026