Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Windows Media Encoder ActiveX code execution
Published:10.09.2008
Source:
SecurityVulns ID:9277
Type:client
Threat Level:
7/10
Description:Control supports unsafe methods.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
 MICROSOFT : Windows 2008 Server
CVE:CVE-2008-3008 (Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability.")
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS08-053 – Critical Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156) (10.09.2008)
Files:Microsoft Security Bulletin MS08-053 – Critical Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod