NASLDB: MS08-054: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
General
ID: 34122
Name: MS08-054: Vulnerability in Windows Media Player Could Allow Remote Code Execution (954154)
Summary: Checks the version of Media Player
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Port: 139
Family: Windows : Microsoft Bulletins
Type: Local
Description
The remote host is running Windows Media Player 11.
There is a vulnerability in the remote version of this software that
could allow an attacker to execute arbitrary code on the remote host.
To exploit this flaw, the attacker would need to set up a rogue audio
file and send it to a victim on the remote host.
Exploiting
Exploit Available: False
Exploitability Ease: No known exploits are available
Sources
CVE: CVE-2008-2253
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2008/09/10
Plugin
Version: 1.19
Filename: smb_nt_ms08-054.nasl
Filesize: 3853 bytes
MD5 Hash: 29e95ffb7df35a62b275cfb713f8c789
Identification: Host/patch_management_checks
Require Keys: SMB/MS_Bulletin_Checks/Possible
Dependencies: "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl"
Copyright: This script is Copyright© 2008-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack