1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP Windows Media Encoder ActiveX BO

HTTP Windows Media Encoder ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detect attempts to exploit a remote code execution vulnerability by passing long values in vulnerable method of Windows Media Encoder 9 ActiveX control.

Additional Information

A remote code execution vulnerability exists in the WMEX.DLL ActiveX control installed by Windows Media Encoder 9 Series. The vulnerability could allow remote code execution if a user views a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2008-3008.

Affected

  • Microsoft Windows 2000
  • Windows XP
  • Windows Vista
  • Windows Server 2003
  • Windows Server 2008

Response

Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube