1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MS MPEG2TuneRequestControl ActiveX BO

HTTP MS MPEG2TuneRequestControl ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt to instantiate BDATuner.MPEG2TuneRequest ActiveX object. Creation of this object may result in remote code execution which could compromise the target host.

Additional Information

Microsoft TV Technologies is a component that provides support for digital TV applications. It is available for Windows XP.

TV Technologies is prone to a remote code-execution vulnerability that affects the 'BDATuner.MPEG2TuneRequest.1' object and can be triggered when the object is instantiated with malformed input through the 'data' parameter. The object is associated with the following CLSID:


An attacker could exploit this issue by enticing a victim to visit a maliciously crafted site.

Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the application.


  • Microsoft Windows XP Home SP2


Download and install all patches from the vendor related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube