Release DateSep 11, 2008 |
Severitylow |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Windows Media Encoder.The vulnerability is in the ActiveX control WMEX.DLL. It is caused by the application's inability to properly check the bounds of user-supplied input. Successful exploitation may result to remote code execution. |
Affected ProductsMicrosoft Windows Media Encoder version 9 |
Recommended ActionsApply the patch, available from the following web site:http://www.microsoft.com/technet/security/Bulletin/ms08-053.mspx |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-3008 |
Reference/shttp://milw0rm.org/exploits/6454http://technet.microsoft.com/en-us/security/bulletin/ms08-053.mspx (MS-ID) http://www.securityfocus.com/bid/31065 (BugTraq) |
