CVE-2008-3008

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Media Encoder; Windows-nt; Windows 2000; Windows 2003 Server
Vendor: CVE Published:; 11 September 2008

Summary

Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."

References

http://www.kb.cert.org/vuls/id/996227

third-party-advisoryx_refsource_CERT-VN

http://marc.info/?l=bugtraq&m=122235754013992&w=2

vendor-advisoryx_refsource_HP

http://www.securitytracker.com/id?1020832

vdb-entryx_refsource_SECTRACK

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 11, 2008
Vulnerability Reserved
Jul 7, 2008

Collectors

NVD DatabaseMitre Database