CVE-2008-0015

HIGH KEV

ATL < unknown - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/16615

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by David Kennedy (ReL1K) · pythonremotewindows

https://www.exploit-db.com/exploits/9108

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/msvidctl_mpeg2.rb

View Code ZIP pw:eip

References (21)

[Various Sources] http://blogs.technet.com/srd/archive/2009/08/11/ms09-037-why-we-are-using-cve-s-already-used-in-ms09-035.aspx

[Exploit] http://isc.sans.org/diary.html?storyid=6733

[Third Party Advisory, VDB Entry] http://osvdb.org/55651

[Exploit] http://www.csis.dk/dk/nyheder/nyheder.asp?tekstID=799

[Exploit] http://www.iss.net/threats/329.html

[US Government Resource] http://www.kb.cert.org/vuls/id/180513

[Vendor Advisory] http://www.microsoft.com/technet/security/advisory/972890.mspx

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1022514

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA09-187A.html

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA09-195A.html

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA09-223A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-032

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-037

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6333

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2008-0015

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/35558

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/35585

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6363

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7436

[Third Party Advisory] http://secunia.com/advisories/36187

... and 1 more

Scores

CVSS v3 8.8

EPSS 0.8158

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2026-02-17

VulnCheck KEV 2009-07-07

InTheWild.io 2018-10-12

ENISA EUVD EUVD-2008-0028

CWE

CWE-119 CWE-121

Status published

Products (2)

microsoft/windows_2003_server (3 CPE variants)

microsoft/windows_xp (3 CPE variants)

Published Jul 07, 2009

KEV Added Feb 17, 2026

Tracked Since Feb 18, 2026