Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

MS06-024: buffer overflow in windows media player

Published: 2006-06-13
Last Updated: 2006-06-13 17:51:30 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
MS06-024 - KB 917734

Windows Media player is vulnerable in it's handling of PNG images.

Microsoft rates his vulnerability as critical. It allows remote code execution.
Attack vectors of both email and web are possible through the use of .wmz files.

Workarounds will be based on content filetring in gateways, but might be below par on effectiveness if you count encrypted messages and the like as possible exploit vectors.

--
Swa Frantzen -- section 66


Keywords:
0 comment(s)
Diary Archives