CVE-2008-0015

Deferred

Published: 07 Jul 2009, 23:00

Last modified:18 Feb 2026, 04:56

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.3 HIGH

v2.0 (nvd)

EPSS Score

80.64% CRITICAL

81% probability -6.88%

KEV

Listed

CISA

1 listing

Ransomware

No reports

Public exploits

6 found

Dark Web

Not detected

Timeline

07 Jul 2009, 23:00

Published

Vulnerability first disclosed

17 Feb 2026, 00:00

Added to CISA KEV

Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

18 Feb 2026, 04:56

Last Modified

Vulnerability information updated

10 Mar 2026, 00:00

CISA Remediation Due

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

CVSS Metrics

EPSS Trends

Weaknesses (CWE)

KEV Details

Exploits (6)

Affected Systems

References (21)