Microsoft Windows Movie Maker 'hhctrl.ocx' DLL Loading Arbitrary Code Execution Vulnerability

Bugtraq ID: 42659
Class: Design Error
CVE: CVE-2010-3967
Remote: Yes
Local: No
Published: Aug 24 2010 12:00AM
Updated: Dec 14 2010 04:24PM
Credit: TheLeader, HD Moore
Vulnerable: Microsoft Windows Movie Maker 2.6.4038.0
Microsoft Movie Maker 2.6
+ Microsoft Windows Vista Ultimate SP1
+ Microsoft Windows Vista Ultimate SP1
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP2
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista SP1
+ Microsoft Windows Vista Home Premium SP2
+ Microsoft Windows Vista Home Premium SP2
+ Microsoft Windows Vista Home Premium SP1
+ Microsoft Windows Vista Home Premium SP1
+ Microsoft Windows Vista Home Premium
+ Microsoft Windows Vista Home Premium
+ Microsoft Windows Vista Home Basic SP2
+ Microsoft Windows Vista Home Basic SP2
+ Microsoft Windows Vista Home Basic SP1
+ Microsoft Windows Vista Home Basic SP1
+ Microsoft Windows Vista Home Basic
+ Microsoft Windows Vista Home Basic
+ Microsoft Windows Vista Enterprise SP2
+ Microsoft Windows Vista Enterprise SP2
+ Microsoft Windows Vista Enterprise SP1
+ Microsoft Windows Vista Enterprise SP1
+ Microsoft Windows Vista Enterprise
+ Microsoft Windows Vista Enterprise
+ Microsoft Windows Vista Business SP2
+ Microsoft Windows Vista Business SP2
+ Microsoft Windows Vista Business SP1
+ Microsoft Windows Vista Business SP1
+ Microsoft Windows Vista Business
+ Microsoft Windows Vista Business
+ Microsoft Windows Vista Business 64-bit edition SP2
+ Microsoft Windows Vista Business 64-bit edition SP2
+ Microsoft Windows Vista Business 64-bit edition SP1
+ Microsoft Windows Vista Business 64-bit edition SP1
+ Microsoft Windows Vista Business 64-bit edition 0
+ Microsoft Windows Vista Business 64-bit edition 0
+ Microsoft Windows Vista Enterprise 64-bit edition SP2
+ Microsoft Windows Vista Enterprise 64-bit edition SP2
+ Microsoft Windows Vista Enterprise 64-bit edition SP1
+ Microsoft Windows Vista Enterprise 64-bit edition SP1
+ Microsoft Windows Vista Enterprise 64-bit edition 0
+ Microsoft Windows Vista Enterprise 64-bit edition 0
+ Microsoft Windows Vista Home Basic 64-bit edition SP2
+ Microsoft Windows Vista Home Basic 64-bit edition SP2
+ Microsoft Windows Vista Home Basic 64-bit edition SP1
+ Microsoft Windows Vista Home Basic 64-bit edition SP1
+ Microsoft Windows Vista Home Basic 64-bit edition 0
+ Microsoft Windows Vista Home Basic 64-bit edition 0
+ Microsoft Windows Vista Home Premium 64-bit edition SP2
+ Microsoft Windows Vista Home Premium 64-bit edition SP2
+ Microsoft Windows Vista Home Premium 64-bit edition SP1
+ Microsoft Windows Vista Home Premium 64-bit edition SP1
+ Microsoft Windows Vista Home Premium 64-bit edition 0
+ Microsoft Windows Vista Home Premium 64-bit edition 0
+ Microsoft Windows Vista Ultimate 64-bit edition SP2
+ Microsoft Windows Vista Ultimate 64-bit edition SP2
+ Microsoft Windows Vista Ultimate 64-bit edition SP1
+ Microsoft Windows Vista Ultimate 64-bit edition SP1
+ Microsoft Windows Vista Ultimate 64-bit edition 0
+ Microsoft Windows Vista Ultimate 64-bit edition 0
+ Microsoft Windows Vista x64 Edition SP2
+ Microsoft Windows Vista x64 Edition SP2
+ Microsoft Windows Vista x64 Edition SP1
+ Microsoft Windows Vista x64 Edition SP1
+ Microsoft Windows Vista x64 Edition 0
+ Microsoft Windows Vista x64 Edition 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus