CVE-2008-2910

Name of the Vulnerable Software and Affected Versions muvee autoProducer versions 6.0 and 6.1

Description The issue is related to a buffer overflow in the DXTTextOutEffect ActiveX control, which can be exploited by remote attackers to execute arbitrary code. This is achieved by providing a long value for the FontSetting property.

Recommendations For muvee autoProducer version 6.0, update to a version that fixes the buffer overflow issue in the DXTTextOutEffect ActiveX control. For muvee autoProducer version 6.1, update to a version that fixes the buffer overflow issue in the DXTTextOutEffect ActiveX control. As a temporary workaround, consider restricting access to the DXTTextOutEffect ActiveX control to minimize the risk of exploitation.