CERT-In Vulnerability Note CIVN-2008-145
Microsoft Windows Media Player Remote Code Execution Vulnerability

Original Issue Date: September 10, 2008

Severity Rating: High

Systems Affected

  • Microsoft Windows Media Player 11.x

Overview

A remote code execution vulnerability has been reported in Microsoft Windows Media Player that could be exploited by an attacker to execute arbitrary code.

Description

The vulnerability is caused by a flaw in the way Microsoft Windows Media Player handles sampling rates when audio files are streamed from a Server-Side Playlist (SSPL).

An attacker could exploit this vulnerability by streaming a specially crafted audio file from a Windows Media Server. Successful exploitation allows execution of arbitrary code with the privileges of the logged-on user.

Workaround

  • Unregister wmpeffects.dll

For detailed steps and the impact of applying this workaround, refer to Microsoft Security Bulletin MS08-054.

Solution

Apply the appropriate patches as mentioned in Microsoft Security Bulletin MS08-054.

Vendor Information

Microsoft
http://www.microsoft.com/technet/security/Bulletin/MS08-54.mspx

References

Secunia
http://secunia.com/advisories/31726

SecurityFocus
http://www.securityfocus.com/bid/30550

CVE Name
CVE-2008-2253


Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003