CVE-2008-0015 Activex-directshow-video-buffer-overflow on current Windows OS since yesterday

hi, has anybody else findings of this old vuln with agent scan in the environment since yesterday? maybe false positives? all os above Windows Server 2012R2 / Win 10 21H2

2022-02-02 15_09_03-InsightVM Security Console __ Vulnerability Information

hello @andreas_welcker yes! I see pretty much all my assets are flagged for this now.

thanks for sharing :slight_smile:

Yes, we are seeing them to. I had to add exceptions but would like to know why they showed up yesterday.


1 Like

Yup, I’m seeing it too. Rapid7 “modified” this vulnerability check on 2/2, apparently.

This issue should now be fixed once you apply the content release for 2022-02-02.

What happened was an update on 2022-02-01 included a small fix to help one customer experiencing a false positive for this CVE.

Unfortunately, it inadvertently highlighted a separate bug in the agent resulting in the false positives you have seen.

The content update shipped 2022-02-02 has rectified this and added more robust logic to the check.