DXMedia SDK - Remote hacker automatic control
Version: | At least version 6 |
Technical Details: | The DXTLIPI.DLL associated with the FlashPix ActiveX control, part of the Microsoft DirectX Media SDK, has been discovered to have a buffer overflow vulnerability affecting the SourceUrl() property. Public exploit code is readily available. |
Description: |
Earlier this week it was discovered that an ActiveX control associated with the Microsoft DirectX Media SDK, specifically the DirectTransform FlashPix ActiveX control, contains a vulnerability that allows an attacker to take control of a victim's system if the victim can be convinced to interact with a malicious site. The affected ActiveX control may also be available via other products. Public exploit code is readily available from a number of sources. |
Mitigation: |
The threat can be mitigated by setting the Registry killbit (201EA564-A6F6-11D1-811D-00C04FB6BD36) for the affected ActiveX control. Alternatively, disable support for all ActiveX controls. |
Updates: |
|
Source: |
Krystian Kloskowski (h07) |
Exploits: |
http://milw0rm.com/exploits/4279 |
External Tracking Data: | US-CERT VU#466601 |
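
The killbit mitigation described under Mitigation can be audited and applied with a script like the one below. It is an added example, not part of the original advisory: it assumes the standard Internet Explorer killbit location (the `ActiveX Compatibility` key, `Compatibility Flags` DWORD value 0x400) and uses the CLSID given above; the `-Audit` switch and the function name are this example's own.

```powershell
# Added example: audit and set the killbit for the CLSID named in this advisory.
# Run from an elevated PowerShell prompt. With -Audit it only reports and changes nothing.
param([switch]$Audit)

$Clsid   = '{201EA564-A6F6-11D1-811D-00C04FB6BD36}'   # CLSID from the advisory
$KillBit = 0x00000400                                  # killbit in "Compatibility Flags"

# 32-bit and 64-bit Internet Explorer read separate registry views, so check both.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

# Hypothetical helper: returns the current flags DWORD, or $null if key/value is absent.
function Get-CompatFlags {
    param([string]$KeyPath)
    $item = Get-ItemProperty -Path $KeyPath -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.'Compatibility Flags'
}

foreach ($root in $Roots) {
    if (-not (Test-Path $root)) { continue }   # e.g. no Wow6432Node on 32-bit Windows
    $key   = Join-Path $root $Clsid
    $flags = Get-CompatFlags $key

    if (($null -ne $flags) -and (($flags -band $KillBit) -eq $KillBit)) {
        Write-Output "SET      $key"
        continue
    }
    if ($Audit) {
        Write-Output "MISSING  $key"
        continue
    }

    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # Keep any other compatibility flags already present; only OR in the killbit.
    if ($null -eq $flags) { $flags = 0 }
    $new = [int]$flags -bor $KillBit
    New-ItemProperty -Path $key -Name 'Compatibility Flags' -PropertyType DWord -Value $new -Force | Out-Null
    Write-Output "APPLIED  $key"
}
```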