Windows Media Player Sampling Rate Vulnerability

Posted on Tuesday, September 09, 2008 @ 18:02:09 UTC in Security
by Raven

SECUNIA ADVISORY ID: SA31726

VERIFY ADVISORY: http://secunia.com/advisories/31726/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: Microsoft Windows Media Player 11.x - http://secunia.com/product/11280/

DESCRIPTION: A vulnerability has been reported in Windows Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when handling sampling rates. This can be exploited via a specially crafted audio file streamed from a server-side playlist (SSPL). Successful exploitation may allow execution of arbitrary code.

SOLUTION: Apply patches.
Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=d5891180-5dd1-49ec-bcc6-3030a544202c
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=caf8a45e-a9f8-4e91-98fd-87eddbeae64c
Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=2f4118fd-1ffb-46da-b922-cd4ca4f9d84e
Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=334352e7-d41f-494f-866d-f1f1745ffd17
Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?FamilyId=72fc6028-6af4-44ec-8d2a-28c53807d6bc
Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyId=3906512b-26db-473e-b522-3883ff34a21c
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: MS08-054 (KB954154): http://www.microsoft.com/technet/security/Bulletin/MS08-054.mspx
 
 
click Related        click Share
 
News ©

Site Info

Last SeenLast Seen
  • neralex
  • nextgen
Server TrafficServer Traffic
  • Total: 481,636,303
  • Today: 3,605
Server InfoServer Info
  • Mar 29, 2024
  • 04:40 am UTC