Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: MS06-024: buffer overflow in windows media player - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-024: buffer overflow in windows media player
MS06-024 - KB 917734

Windows Media player is vulnerable in it's handling of PNG images.

Microsoft rates his vulnerability as critical. It allows remote code execution.
Attack vectors of both email and web are possible through the use of .wmz files.

Workarounds will be based on content filetring in gateways, but might be below par on effectiveness if you count encrypted messages and the like as possible exploit vectors.

--
Swa Frantzen -- section 66


Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!