PHP Web Host - Quality Web Hosting For All PHP Applications Just Great Software
  Login or Register
 • Home • Downloads • Your Account • Forums • 
Site Navigation

Home:
 
Donate o Meter
Help Keep Our Servers Online AND Our Services Free!
Make donations with PayPal!
Donat-o-Meter Stats
November´s Goal:  $300.00
Due Date:  Nov 30
Net Balance:  $47.65
Left to go:  $252.35
Donations
Micah Nov-14
Rose38478 Nov-11
Doulos Nov-4
 
Please Link To Me!
 
Services Available
Quality PHP Web Host!

Great Reviews!
Need help setting up your website, installing Apache, PHP, MySQL, or PhpNuke?
Need help customizing or designing scripts?
Please contact me via the Contact Us option for further details and pricing.
Link to Me

RavenPHPScripts

RavenPHPScripts

There are more Link To Me icons here.
 
Site Info v2.2.2 ©
Your IP: 38.103.63.58

Welcome, Anonymous
Nickname
Password
Security Code:
Security Code
Type Security Code:

· Register
· Lost Password
Server Date/Time
21 November 2008 05:08:18 EST (GMT -5)
 
Verse of the Day
 
Windows Media Encoder wmex.dll ActiveX Control Buffer Overflow 
Security

SECUNIA ADVISORY ID: SA31724

VERIFY ADVISORY: http://secunia.com/advisories/31724/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: Microsoft Windows Media Encoder 9.x - http://secunia.com/product/5895/

DESCRIPTION: A vulnerability has been reported in Windows Media Encoder, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the WMEX.DLL ActiveX control. This can be exploited to cause a buffer overflow by tricking a user into e.g. visiting a malicious website. Successful exploitation may allow execution of arbitrary code.




SOLUTION: Apply patches.
-- Windows Media Encoder 9 Series --
Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?FamilyID=0cabfbc0-db5d-4a6a-a4cd-e6df89ac2b25
Windows XP SP2/SP3: http://www.microsoft.com/downloads/details.aspx?FamilyID=57bcb3c2-49d3-4f18-8d03-36abd03d7403
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=18efea9e-b103-46de-90d9-5e295854cec3
Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?FamilyID=54ce1080-94cf-4e4f-8e09-a7dbab2757c5
Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyID=c83011cd-90b8-494c-9cad-fa055e101992
Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyID=99beebc4-553a-46f8-8245-e3d932306c93
Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyID=99beebc4-553a-46f8-8245-e3d932306c93
Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=5434ca66-5a6b-4517-92fb-72dea0a172ec
Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyID=5434ca66-5a6b-4517-92fb-72dea0a172ec


-- Windows Media Encoder 9 Series x64 Edition --
Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=ebc1737c-6e78-4244-a1b2-a56d031f16e9
Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?FamilyId=d8f1b782-136b-443f-b5f2-63aa4d1fd94a
Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?FamilyId=54d1279a-7f26-4727-a39d-5505bcd4fc53
Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?FamilyId=e30f9427-26d0-4e86-b9b8-bc637c3b5734

PROVIDED AND/OR DISCOVERED BY: The vendor credits Nguyen Minh Duc and Le Manh Tung, BKIS Hanoi University of Technology.

ORIGINAL ADVISORY: MS08-053 (KB954156): http://www.microsoft.com/technet/security/Bulletin/MS08-053.mspx
Posted on Tuesday, September 09, 2008 @ 21:24:11 EDT by Raven
 
Related Links
· More about Security
· News by Raven
Most read story about Security:
PHP-Nuke *eid* SQL Injection Vulnerability
 
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad
 
Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend
 
 

All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2008 by Raven
Proud to be listed at Lobo Links Web Directory

You can syndicate our news using the file xml

CSE HTML Validator Helped Clean up This Page! [Valid RSS] valid RSS 2.0 Valid robots.txt Stop Spam Harvesters, Join Project Honey Pot

Website engines core code is © copyright by PHP-Nuke but has been heavily patched and modified by myself and others.
PHP-Nuke is a free software released under the GNU/GPL.

:: fisubice phpbb2 style by Daz :: PHP-Nuke theme by www.nukemods.com ::

:: fisubice Theme Recoded To 100% W3C CSS & HTML 4.01 Transitional Compliance by Raven and 64bitguy ::

:: W3C CSS Compliance Validation :: W3C HTML 4.01 Transitional Compliance Validation ::

zerosum