Lucene search

[email protected]NVD:CVE-2008-5745

HistoryDec 29, 2008 - 3:24 p.m.

CVE-2008-5745

2008-12-2915:24:23

CWE-189

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.188 Low

EPSS

Percentile

96.3%

JSON

Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927.

Affected configurations

NVD

Node

microsoftwindows_media_playerMatch9

microsoftwindows_media_playerMatch10

microsoftwindows_media_playerMatch11

References

securityreason.com/securityalert/4823

www.securityfocus.com/archive/1/499579/100/0/threaded

www.securityfocus.com/bid/33018

www.securitytracker.com/id?1021495

exchange.xforce.ibmcloud.com/vulnerabilities/47664

www.exploit-db.com/exploits/7585

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.188 Low

EPSS

Percentile

96.3%

JSON

Related for NVD:CVE-2008-5745

cve2 prion2 cvelist2 openvas4 nvd1