Windows Media Encoder Buffer Overrun Vulnerability
Severity: CRITICAL
CVE Identifier: CVE-2008-3008,MS08-053
Advisory Date: JUL 21, 2015
DESCRIPTION
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1002061
Trend Micro Deep Security DPI Rule Name: 1002760 - Windows Media Encoder Buffer Overrun Vulnerability
AFFECTED SOFTWARE AND VERSION
- microsoft windows-nt 2000
- microsoft windows-nt 2003
- microsoft windows-nt vista
- microsoft windows-nt xp
- microsoft windows_media_encoder 9_series