Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2008-2253 | First vendor Publication | 2008-09-10 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2253 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5615 | |||
Oval ID: | oval:org.mitre.oval:def:5615 | ||
Title: | Windows Media Player Sampling Rate Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Windows Media Player 11 allows remote attackers to execute arbitrary code via a crafted audio-only file that is streamed from a Server-Side Playlist (SSPL) on Windows Media Server, aka "Windows Media Player Sampling Rate Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-2253 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Media Player |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-10 | Name : Windows Media Player 11 Remote Code Execution Vulnerability (954154) File : nvt/secpod_ms08-054_900045.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47963 | Microsoft Windows Media Player Audio File Sampling Rate Remote Code Execution An unspecified remote code execution flaw exists in Windows. Windows Media Player fails to validate audio streams resulting in remote code execution. With a specially crafted audio stream, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-09-11 | IAVM : 2008-A-0064 - Microsoft Windows Media Player Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0017342 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Windows Media Player malicious playlist buffer overflow attempt RuleID : 14254 - Revision : 17 - Type : FILE-MULTIMEDIA |
2014-01-10 | Windows Media Player malicious playlist buffer overflow attempt RuleID : 14253 - Revision : 17 - Type : FILE-MULTIMEDIA |
2014-01-10 | Windows Media Player malicious playlist buffer overflow attempt RuleID : 14252 - Revision : 17 - Type : FILE-MULTIMEDIA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-09-10 | Name : Arbitrary code can be executed on the remote host through the Media Player. File : smb_nt_ms08-054.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 00:21:41 |
|
2018-10-31 00:19:52 |
|
2018-10-13 00:22:41 |
|
2017-11-22 17:21:57 |
|
2017-09-29 09:23:32 |
|
2016-11-08 21:24:32 |
|
2016-09-30 01:01:44 |
|
2016-06-28 23:59:37 |
|
2016-04-26 17:24:17 |
|
2014-02-17 10:44:59 |
|
2014-01-19 21:25:00 |
|
2013-11-11 12:37:55 |
|
2013-05-11 00:17:08 |
|