Executive Summary
Summary | |
---|---|
Title | Windows Media Encoder WMEX.DLL ActiveX Control buffer overflow |
Informations | |||
---|---|---|---|
Name | VU#996227 | First vendor Publication | 2008-09-09 |
Vendor | VU-CERT | Last vendor Modification | 2008-10-02 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#996227Windows Media Encoder WMEX.DLL ActiveX Control buffer overflowOverviewThe WMEX.DLL ActiveX control, which is installed by Windows Media Encoder 9 Series, contains a buffer overflow vulnerability.I. DescriptionAccording to Microsoft, the Windows Media Encoder is a tool used to capture audio and video content using Windows Media. The WMEX.DLL ActiveX control contains a buffer overflow vulnerability.II. ImpactBy convincing a user to view a specially crafted web page, an attacker may be able to execute arbitrary code with the privileges of the user.III. SolutionApply an updateMicrosoft has published Microsoft Security Bulletin MS08-053 in response to this issue.
References
Microsoft credits Nguyen Minh Duc and Le Manh Tung, with Bach Khoa Internetwork Security Center (BKIS), Hanoi University of Technology (Vietnam), for reporting this vulnerability. This document was written by John Hollenberger.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/996227 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:6018 | |||
Oval ID: | oval:org.mitre.oval:def:6018 | ||
Title: | Windows Media Encoder Buffer Overrun Vulnerability | ||
Description: | Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-3008 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Media Encoder |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Os | 1 | |
Os | 4 | |
Os | 2 | |
Os | 1 |
SAINT Exploits
Description | Link |
---|---|
Windows Media Encoder 9 wmex.dll ActiveX buffer overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-10 | Name : Windows Media Encoder 9 Remote Code Execution Vulnerability (954156) File : nvt/secpod_ms08-053_900044.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47962 | Microsoft Windows Media Encoder wmex.dll ActiveX Overflow A buffer overflow exists in Windows. The wmex.dll ActiveX control fails to validate data passed to the GetDetailsString method resulting in a stack overflow. With a specially crafted web site, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-09-11 | IAVM : 2008-B-0057 - Microsoft Windows Media Encoder Remote Code Execution Vulnerability Severity : Category II - VMSKEY : V0017344 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Media Encoder 9 ActiveX function call access RuleID : 27800 - Revision : 2 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt RuleID : 16578 - Revision : 7 - Type : OS-WINDOWS |
2014-01-10 | Windows Media Encoder 9 ActiveX function call unicode access RuleID : 14258 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Media Encoder 9 ActiveX function call access RuleID : 14257 - Revision : 10 - Type : BROWSER-PLUGINS |
2014-01-10 | Windows Media Encoder 9 ActiveX clsid unicode access RuleID : 14256 - Revision : 7 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Media Encoder 9 ActiveX clsid access RuleID : 14255 - Revision : 14 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2008-09-10 | Name : Arbitrary code can be executed on the remote host through Media Player. File : smb_nt_ms08-053.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-04-15 13:28:40 |
|
2013-05-11 00:57:31 |
|