TITLE:
Windows Media Player Plug-in EMBED Element Processing Vulnerability
SECUNIA ADVISORY ID:
SA18852
VERIFY ADVISORY:
http://secunia.com/advisories/18852/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
OPERATING SYSTEM:
Microsoft Windows XP Professional
http://secunia.com/product/22/
Microsoft Windows XP Home Edition
http://secunia.com/product/16/
Microsoft Windows Server 2003 Web Edition
http://secunia.com/product/1176/
Microsoft Windows Server 2003 Standard Edition
http://secunia.com/product/1173/
Microsoft Windows Server 2003 Enterprise Edition
http://secunia.com/product/1174/
Microsoft Windows Server 2003 Datacenter Edition
http://secunia.com/product/1175/
Microsoft Windows 2000 Server
http://secunia.com/product/20/
Microsoft Windows 2000 Professional
http://secunia.com/product/1/
Microsoft Windows 2000 Datacenter Server
http://secunia.com/product/1177/
Microsoft Windows 2000 Advanced Server
http://secunia.com/product/21/
DESCRIPTION:
A vulnerability has been reported in the Windows Media Player plug-in,
which can be exploited by malicious people to compromise a user's
system.
The vulnerability is caused by a boundary error in the handling of
malformed EMBED elements and can be exploited to cause a buffer
overflow via, e.g., a malicious web site containing a specially
crafted EMBED element.
Successful exploitation allows execution of arbitrary code.
NOTE: The vulnerability does not affect users of Internet Explorer.
SOLUTION:
Apply patches.
Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/d...A-BB8570A7321C
Microsoft Windows XP SP1 / Microsoft Windows XP SP2:
http://www.microsoft.com/downloads/d...A-BB8570A7321C
Microsoft Windows Server 2003 and Microsoft Windows Server 2003 SP1:
http://www.microsoft.com/downloads/d...A-BB8570A7321C
Microsoft Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/d...A-84838BEE151C
Microsoft Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/d...1-4F98FED9FBA6
PROVIDED AND/OR DISCOVERED BY:
The vendor credits John Cobb, iDefense.
ORIGINAL ADVISORY:
MS06-006 (KB911564):
http://www.microsoft.com/technet/sec.../MS06-006.mspx
----------------------------------------------------------------------