Designing a COM library for Rust

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language SSPL group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog po...

Designing a COM library for Rust

I interned with Microsoft as a Software Engineering Intern in the MSRC UK team in Cheltenham this past summer. I worked in the Safe Systems Programming Language SSPL group, which explores safe programming languages as a proactive measure against memory-safety related vulnerabilities. This blog po...

Microsoft Windows Media Player SSPL文件远程代码执行漏洞（MS08-054）

BUGTRAQ ID: 30550 CVE ID：CVE-2008-2253 CNCVE ID：CNCVE-20082253 Microsoft Windows Media Player是一款流行的媒体播放程序。 Microsoft Windows Media Player处理样取样速率存在缓冲区溢出，远程攻击者可以利用漏洞构建特殊音频文件触发此漏洞，可导致以应用程序权限执行任意指令。 目前没有详细漏洞细节提供。 Microsoft Windows Media Player 11 可参考如下临时解决方案： -反注册wmpeffects.dll： 在32-bit Windows系统下:...

CVE-2008-2253

CVE-2008-2253 affects Windows Media Player 11. A remote code execution vulnerability exists when specially crafted audio-only files are streamed from a Windows Media Server SSPL, due to a buffer overflow in WMP11. Exploitation requires a user to open the crafted file; impact could be full system ...

Microsoft Windows Media Player SSPL File Sample Rate Remote Code-Execution Vulnerability

...

WSX Files (CVE-2008-2253)

A server-side playlist SSPL is a list that identifies what content is played for a client, the time at which it is played, and the order in which it is played. WSX is a document used as SSPL by Windows Media server. A remote code execution vulnerability was reported in Windows Media Player 11. Th...