Info

Disclosure

Aug 14, 2007

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Aug 14, 2007

Description

A buffer overflow exists in Windows Media Player 11. The player fails to handle the space allocated for uncompressing a compressed skin file resulting in a heap overflow. With a specially crafted file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Private, Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Microsoft Corporation has released a patch to address this vulnerability.

Products

Microsoft Corporation	Windows Media Player	11
		10
		9
		7.1
		11
		10
		9
		7.1

References

Security Tracker: 1018565
CVE ID: 2007-3037 (see also: NVD)
OVAL ID: 2207
Bugtraq ID: 25305
Secunia Advisory ID: 26433
SCIP VulDB ID: 3247
Related OSVDB ID: 36386
Microsoft Knowledge Base Article: 936782
VUPEN Advisory: ADV-2007-2871
Keyword: aka "Windows Media Player Code Execution Vulnerability Parsing Skins"
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-08/0216.html
News Article: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9030696
Other Advisory URL: http://www.zerodayinitiative.com/advisories/ZDI-07-046.html
Microsoft Security Bulletin: MS07-047

Credit

Piotr Bania - ania.piotrgmail.com -
Piotr Bania - ania.piotrgmail.com -

Direct URL: http://osvdb.org/36385