PT-2008-6103 · Microsoft · Windows Media Player

Publicado

2008-11-04

Atualizado

2008-11-05

CVE-2008-4927

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Windows Media Player versions 9.0 through 11

Description The issue allows user-assisted attackers to cause a denial of service, resulting in an application crash, via a malformed MIDI or DAT file. This is related to MThd Header Parsing.

Recommendations For versions 9.0 through 11, avoid using the affected Microsoft Windows Media Player to open MIDI or DAT files from untrusted sources until a fix is available. As a temporary workaround, consider restricting the use of MIDI and DAT file playback in Microsoft Windows Media Player to minimize the risk of exploitation.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2008-4927

Produtos afetados

Windows Media Player

PT-2008-6103 · Microsoft · Windows Media Player

CVE-2008-4927

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3