1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

MSWebDVD ActiveX Control long password buffer overflow

Discussion in 'All Other Software' started by eddie5659, Apr 7, 2004.

Thread Status:
Not open for further replies.
  1. eddie5659

    eddie5659 Moderator Malware Specialist Thread Starter

    Mar 19, 2001

    Sticking this at the top for a week, if anyone is interested :)

    Microsoft's MSWebDVD ActiveX Control is a DVD control object that allows users to view DVD films using a browser for Microsoft Windows operating systems. MSWebDVD ActiveX Control running on Windows XP Professional SP1 and SP2 is vulnerable to a denial of service attack, caused by a buffer overflow in the AcceptParentalLevelChange function. By supplying a long password containing more than 255 characters, a remote attacker could overflow a buffer and cause the ActiveX control to crash.

    Platforms Affected:

    Microsoft Corporation: Windows XP Professional SP1
    Microsoft Corporation: Windows XP Professional SP2

    No remedy available as of April 2004.

    Note: Microsoft recommends using the MSVidWebDVD ActiveX Control on Windows XP and later operating systems. Refer to the MSWebDVD ActiveX Control Web page for more information.


    Denial of Service



As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/218173

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice