Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2008-5232 | First vendor Publication | 2008-11-25 |
Vendor | Cve | Last vendor Modification | 2019-12-03 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5232 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 1 | |
Os | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-02-04 | Name : Detection of Dangerous ActiveX Control File : nvt/secpod_dangerous_activex_ctrl.nasl |
2008-11-27 | Name : Microsoft Windows Media Services nskey.dll ActiveX BOF Vulnerability File : nvt/gb_ms_win_media_services_actvx_bof_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50533 | Microsoft Windows Media Services nskey.dll ActiveX CallHTMLHelp Method Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt RuleID : 27205 - Revision : 3 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Windows Media Services ActiveX function call unicode access RuleID : 14238 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Media Services ActiveX function call access RuleID : 14237 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Windows Media Services ActiveX clsid unicode access RuleID : 14236 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt RuleID : 14235 - Revision : 12 - Type : BROWSER-PLUGINS |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:08:42 |
|
2021-04-22 01:09:02 |
|
2020-05-23 00:22:37 |
|
2018-10-31 00:19:54 |
|
2017-08-08 09:24:32 |
|
2016-09-30 01:01:52 |
|
2016-06-28 17:21:24 |
|
2014-01-19 21:25:26 |
|
2013-05-11 00:31:08 |
|