Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5232

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5232
Last Modified 20 Aug 2009 01:23:00
Published 25 Nov 2008 08:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5232

Summary

Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows Nt


References

XF - windowsmediaservices-callhtmlhelp-bo(44629)

MISC - http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt

BID - 30814

SECTRACK - 1020733

MISC - http://packetstormsecurity.org/0808-exploits/wms-overflow.txt


Last Updated: 27 May 2016 10:48:44