Ravens PHP Scripts

Windows Media Player Sampling Rate Vulnerability
Date: Tuesday, September 09, 2008 @ 19:02:09 CEST
Topic: Security


SECUNIA ADVISORY ID: SA31726

VERIFY ADVISORY: http://secunia.com/advisories/31726/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: Microsoft Windows Media Player 11.x - http://secunia.com/product/11280/

DESCRIPTION: A vulnerability has been reported in Windows Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when handling sampling rates. This can be exploited via a specially crafted audio file streamed from a server-side playlist (SSPL). Successful exploitation may allow execution of arbitrary code.



SOLUTION: Apply patches.
Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?FamilyId=d5891180-5dd1-49ec-bcc6-3030a544202c
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=caf8a45e-a9f8-4e91-98fd-87eddbeae64c
Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=2f4118fd-1ffb-46da-b922-cd4ca4f9d84e
Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=334352e7-d41f-494f-866d-f1f1745ffd17
Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?FamilyId=72fc6028-6af4-44ec-8d2a-28c53807d6bc
Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyId=3906512b-26db-473e-b522-3883ff34a21c
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: MS08-054 (KB954154): http://www.microsoft.com/technet/security/Bulletin/MS08-054.mspx






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3446