Integer Overflow in Microsoft Windows Media Player Affects Multiple Versions
CVE-2008-5745

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Media Player
Vendor: CVE Published:; 29 December 2008

What is CVE-2008-5745?

An integer overflow exists in the quartz.dll component of the DirectShow framework within Microsoft Windows Media Player versions 9, 10, and 11. This vulnerability allows remote attackers to craft specific audio file formats, such as WAV, SND, or MID, leading to denial of service through application crashes. It is crucial for users to apply proper security measures to mitigate the risk posed by this vulnerability.

References

http://www.securitytracker.com/id?1021495

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/499579/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securityreason.com/securityalert/4823

third-party-advisoryx_refsource_SREASON

EPSS Score

44% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2008
Vulnerability Reserved
Dec 29, 2008