Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
8.8

Microsoft Windows Video ActiveX Control Lets Attackers Run Malicious Code

Known exploited Exploitation likelihood: 81%
CVE-2008-0015 CVE-2008-0015
Summary

A security flaw in the Microsoft Windows Video ActiveX Control could allow hackers to take control of a user's computer if they visit a malicious website. This could let the hacker do anything the user can do on the computer, including accessing sensitive information or installing malware. Update your software to fix this issue.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
VendorProductAffected versionsFix available
microsoft windows All versions
microsoft windows_2003_server All versions
microsoft windows_2003_server All versions
microsoft windows_2003_server All versions
microsoft windows_xp All versions
microsoft windows_xp All versions
microsoft windows_xp All versions
Original title
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability
Original description
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Vulnerability type
CWE-119 Buffer Overflow
CWE-121 Stack-based Buffer Overflow
Published: 17 Feb 2026 · Updated: 15 Mar 2026 · First seen: 6 Mar 2026