CVE-2008-3008
Published Sep 11, 2008
Last updated 6 years ago
Overview
- Description
- Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:windows_media_encoder:9_series:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8494DA8E-2E88-46FE-9FE1-A09DF53BF1FB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "ABC3CA16-2694-4C05-A404-029DB179C47D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:2008:*:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2B89E436-C99E-4F68-AADD-E5980B346E95"
},
{
"criteria": "cpe:2.3:o:microsoft:windows-nt:xp:sp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73AED29E-B778-4186-8968-EB608E34E540"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDDFEA49-9B44-498E-B2DB-E1FC778DE7EB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A0607E7-B416-4AF8-ADF6-6E503627DD29"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C0C7D2B-0AA5-4E82-B58B-2668A0EAC2E9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:-:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D5F7729-A095-43DF-BF2F-B4B6938087FA"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34DF3B5E-F17F-49B4-9DC8-06749F3C9CC3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]