[NT]Vulnerability in Windows Media Encoder 9 Allows Code Execution (MS08-053)
- From: SecuriTeam <support@xxxxxxxxxxxxxx>
- Date: 4 Oct 2008 18:19:24 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Vulnerability in Windows Media Encoder 9 Allows Code Execution (MS08-053)
------------------------------------------------------------------------
SUMMARY
This security update resolves a privately reported vulnerability in
Windows Media Encoder 9 Series. The vulnerability could allow remote code
execution if a user viewed a specially crafted Web page. If a user is
logged on with administrative user rights, an attacker who successfully
exploited this vulnerability could take complete control of an affected
system. An attacker could then install programs; view, change, or delete
data; or create new accounts with full user rights. Users whose accounts
are configured to have fewer user rights on the system could be less
impacted than users who operate with administrative user rights.
This security update is rated Critical for all supported and affected
editions of Microsoft Windows 2000, Windows XP, and Windows Vista, and
Moderate for supported and affected versions of Windows Server 2003 and
Windows Server 2008. For more information, see the subsection, Affected
and Non-Affected Software, in this section.
DETAILS
Affected Software:
* Microsoft Windows 2000 Service Pack 4 - Windows Media Encoder 9 Series
- Remote Code Execution - Critical - None
* Windows XP Service Pack 2 and Windows XP Service Pack 3 - Windows Media
Encoder 9 Series - Remote Code Execution - Critical - None
* Windows XP Professional x64 Edition and Windows XP Professional x64
Edition Service Pack 2 - Windows Media Encoder 9 Series - Windows Media
Encoder 9 Series x64 Edition - Remote Code Execution - Critical - None
* Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack
2 - Windows Media Encoder 9 Series - Remote Code Execution - Moderate -
None
* Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition
Service Pack 2 - Windows Media Encoder 9 Series - Windows Media Encoder 9
Series x64 Edition - Remote Code Execution - Moderate - None
* Windows Vista and Windows Vista Service Pack 1 - Windows Media Encoder
9 Series - Remote Code Execution - Critical - None
* Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
- Windows Media Encoder 9 Series and Windows Media Encoder 9 Series x64
Edition - Remote Code Execution - Critical - None
* Windows Server 2008 for 32-bit Systems* - Windows Media Encoder 9
Series - Remote Code Execution - Moderate - None
* Windows Server 2008 for x64-based Systems* - Windows Media Encoder 9
Series and Windows Media Encoder 9 Series x64 Edition - Remote Code
Execution - Moderate - None
*Windows Server 2008 server core installation not affected. The
vulnerability addressed by this update does not affect supported editions
of Windows Server 2008 if Windows Server 2008 was installed using the
Server Core installation option, even though the files affected by this
vulnerability may be present on the system. However, users with the
affected files will still be offered this update because the update files
are newer (with higher version numbers) than the files that are currently
on your system. For more information on this installation option, see
Server Core. Note that the Server Core installation option does not apply
to certain editions of Windows Server 2008; see Compare Server Core
Installation Options.
Non-Affected Software:
* Windows Server 2003 with SP1 for Itanium-based Systems and Windows
Server 2003 with SP2 for Itanium-based Systems - Windows Media Encoder 9
Series
* Windows Server 2008 for Itanium-based Systems - Windows Media Encoder 9
Series
Windows Media Encoder Buffer Overrun Vulnerability - CVE-2008-3008
A remote code execution vulnerability exists in the WMEX.DLL ActiveX
control installed by Windows Media Encoder 9 Series. The vulnerability
could allow remote code execution if a user views a specially crafted Web
page. If a user is logged on with administrative user rights, an attacker
who successfully exploited this vulnerability could take complete control
of an affected system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full user rights.
Users whose accounts are configured to have fewer user rights on the
system could be less impacted than users who operate with administrative
user rights.
CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3008>
CVE-2008-3008
ADDITIONAL INFORMATION
The information has been provided by Microsoft Product Security.
The original article can be found at:
<http://www.microsoft.com/technet/security/bulletin/ms08-053.mspx>
http://www.microsoft.com/technet/security/bulletin/ms08-053.mspx
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Prev by Date: [NT]Vulnerabilities in GDI+ Allow Code Execution (MS08-052)
- Next by Date: [NT]Vulnerability in Microsoft Office Allows Code Execution (MS08-055)
- Previous by thread: [NT]Vulnerabilities in GDI+ Allow Code Execution (MS08-052)
- Next by thread: [NT]Vulnerability in Microsoft Office Allows Code Execution (MS08-055)
- Index(es):
Relevant Pages
|
