certfr_avis - certa-2008-avi-450

CERTA-2008-AVI-450

Vulnerability from certfr_avis

Une vulnérabilité a été identifiée dans le contrôle ActiveX installé par Windows Media Encoder 9 Series. L'exploitation de celle-ci, par exemple via une page Web spécialement construite, peut entraîner l'exécution de code arbitraire sur un système vulnérable.

Description

Une vulnérabilité a été identifiée dans le contrôle ActiveX wmex.dll installé par Windows Media Encoder 9 Series. Le produit n'est pas installé par défaut mais si c'est le cas, alors le contrôle ActiveX dispose des propriétés SFS (Safe for Scripting). Une personne malveillante peut exploiter cette vulnérabilité par le biais d'une page Web spécialement construite afin de faire exécuter du code arbitraire sur le système vulnérable.

Solution

Se référer au bulletin de sécurité MS08-053 de Microsoft pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Windows Vista, Service Pack 1 et Edition x64 compris ;
Microsoft	Windows	Windows Server 2008 pour systèmes 32-bit ou x64.
Microsoft	Windows	Windows Server 2003 Service Packs 1 et 2, y compris Edition x64 ;
Microsoft	Windows	Windows XP Service Packs 2 et 3 ;
Microsoft	Windows	Windows XP Professionnel Edition x64, Service Pack 2 compris ;
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS08-053 du 09 septembre 2008	None	vendor-advisory
Bulletin de sécurité Microsoft MS08-053 du 09 septembre 2008 :	-	other
Bulletin de sécurité Microsoft MS08-053 du 09 septembre 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Windows Vista, Service Pack 1 et Edition x64 compris ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2008 pour syst\u00e8mes 32-bit ou x64.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows Server 2003 Service Packs 1 et 2, y compris Edition x64 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Service Packs 2 et 3 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Windows XP Professionnel Edition x64, Service Pack 2 compris ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le contr\u00f4le ActiveX wmex.dll\ninstall\u00e9 par Windows Media Encoder 9 Series. Le produit n\u0027est pas\ninstall\u00e9 par d\u00e9faut mais si c\u0027est le cas, alors le contr\u00f4le ActiveX\ndispose des propri\u00e9t\u00e9s SFS (Safe for Scripting). Une personne\nmalveillante peut exploiter cette vuln\u00e9rabilit\u00e9 par le biais d\u0027une page\nWeb sp\u00e9cialement construite afin de faire ex\u00e9cuter du code arbitraire\nsur le syst\u00e8me vuln\u00e9rable.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 MS08-053 de Microsoft pour\nl\u0027obtention des correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-3008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3008"
    }
  ],
  "initial_release_date": "2008-09-10T00:00:00",
  "last_revision_date": "2008-09-10T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-053 du 09 septembre    2008 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS08-053.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-053 du 09 septembre    2008 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS08-053.mspx"
    }
  ],
  "reference": "CERTA-2008-AVI-450",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-09-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e dans le contr\u00f4le ActiveX install\u00e9 par\nWindows Media Encoder 9 Series. L\u0027exploitation de celle-ci, par exemple\nvia une page Web sp\u00e9cialement construite, peut entra\u00eener l\u0027ex\u00e9cution de\ncode arbitraire sur un syst\u00e8me vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Windows Media Encoder 9 Series",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS08-053 du 09 septembre 2008",
      "url": null
    }
  ]
}

CVE-2008-3008 (GCVE-0-2008-3008)

Vulnerability from cvelistv5

Published

2008-09-10 15:00

Modified

2024-08-07 09:21

Severity ?

CWE

Summary

Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."

References

URL

Tags

	http://www.kb.cert.org/vuls/id/996227	third-party-advisory, x_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=122235754013992&w=2	vendor-advisory, x_refsource_HP
	http://www.securitytracker.com/id?1020832	vdb-entry, x_refsource_SECTRACK
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6018	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/31065	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=122235754013992&w=2	vendor-advisory, x_refsource_HP
	https://www.exploit-db.com/exploits/6454	exploit, x_refsource_EXPLOIT-DB
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-053	vendor-advisory, x_refsource_MS
	http://www.us-cert.gov/cas/techalerts/TA08-253A.html	third-party-advisory, x_refsource_CERT
	http://www.vupen.com/english/advisories/2008/2521	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:21:34.933Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#996227",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/996227"
          },
          {
            "name": "HPSBST02372",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "1020832",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020832"
          },
          {
            "name": "oval:org.mitre.oval:def:6018",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6018"
          },
          {
            "name": "31065",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31065"
          },
          {
            "name": "SSRT080133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
          },
          {
            "name": "6454",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/6454"
          },
          {
            "name": "MS08-053",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-053"
          },
          {
            "name": "TA08-253A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
          },
          {
            "name": "ADV-2008-2521",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2521"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka \"Windows Media Encoder Buffer Overrun Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "VU#996227",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/996227"
        },
        {
          "name": "HPSBST02372",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "1020832",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020832"
        },
        {
          "name": "oval:org.mitre.oval:def:6018",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6018"
        },
        {
          "name": "31065",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31065"
        },
        {
          "name": "SSRT080133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
        },
        {
          "name": "6454",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/6454"
        },
        {
          "name": "MS08-053",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-053"
        },
        {
          "name": "TA08-253A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
        },
        {
          "name": "ADV-2008-2521",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2521"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-3008",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka \"Windows Media Encoder Buffer Overrun Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#996227",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/996227"
            },
            {
              "name": "HPSBST02372",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "1020832",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020832"
            },
            {
              "name": "oval:org.mitre.oval:def:6018",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6018"
            },
            {
              "name": "31065",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31065"
            },
            {
              "name": "SSRT080133",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=122235754013992\u0026w=2"
            },
            {
              "name": "6454",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/6454"
            },
            {
              "name": "MS08-053",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-053"
            },
            {
              "name": "TA08-253A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-253A.html"
            },
            {
              "name": "ADV-2008-2521",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2521"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-3008",
    "datePublished": "2008-09-10T15:00:00",
    "dateReserved": "2008-07-07T00:00:00",
    "dateUpdated": "2024-08-07T09:21:34.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTA-2008-AVI-450

Vulnerability from certfr_avis

Description

Solution

CVE-2008-3008 (GCVE-0-2008-3008)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature