Lucene search

[email protected]CVE-2008-3010

HistoryDec 10, 2008 - 2:00 p.m.

CVE-2008-3010

2008-12-1014:00:00

CWE-200

[email protected]

web.nvd.nist.gov

microsoft

windows

isatap

vulnerability

cve-2008-3010

ntlm

remote servers

arbitrary code

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.101 Low

EPSS

Percentile

94.9%

JSON

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka “ISATAP Vulnerability.”

CPENameOperatorVersion
microsoft:windows_media_playermicrosoft windows media playereq6.4

CPE	Name	Operator	Version
microsoft:windows_media_player	microsoft windows media player	eq	6.4

References

secunia.com/advisories/33058

www.securityfocus.com/bid/32654

www.securitytracker.com/id?1021374

www.securitytracker.com/id?1021375

www.us-cert.gov/cas/techalerts/TA08-344A.html

www.vupen.com/english/advisories/2008/3388

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.101 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2008-3010

seebug1 prion1 securityvulns2 openvas2 nessus1