
Thursday, December 07, 2006

Microsoft Windows Media Player ASX Playlist Remote Command Execution Vulnerability

Technical Description:
A vulnerability has been identified in Microsoft Windows Media Player which could be exploited by remote attackers to compromise a vulnerable system or cause a denial of service. The flaw is a buffer overflow in the Windows Media Playback/Authoring library (WMVCORE.DLL) that occurs when processing ASX playlists containing an overly long "REF HREF" tag. Remote attackers could exploit it to execute arbitrary commands by tricking a user into visiting a specially crafted web page.

Affected Products:

Microsoft Windows Media Player 10

Microsoft Windows Media Player 9


Solution:

Upgrade to Microsoft Windows Media Player 11:

http://www.microsoft.com/windows/windowsmedia/default.mspx

Or disassociate the ASX file extension:

- Double-click the My Computer icon on the desktop

- Click Tools, Folder Options and then select the File Types tab

- Scroll to find the ASX file extension and then click Delete

Or ensure that ASX playlists are not automatically opened:

- Double-click the My Computer icon on the desktop

- On the Tools menu, select Folder Options

- On the File Types tab, select the ASX file type

- Click Advanced, and then select Confirm Open After Download

- Click OK twice to return to the My Computer window

The FrSIRT is not aware of any officially supplied patch for this issue.
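
Alongside the workarounds above, ASX playlists can be screened (for example at a mail or web gateway) for the condition the advisory describes, an overly long "REF HREF" value. The following is an added example, not code from FrSIRT or from the original post; the MAX_HREF_LEN threshold, the scan_asx function and the sample playlists are assumptions made for illustration.

```python
import re

# Assumption: a policy ceiling chosen for this example. The advisory only says
# "overly long" and gives no length, so tune this to your environment.
MAX_HREF_LEN = 512

# ASX is XML-like but case-insensitive and frequently not well-formed, so use
# tolerant regexes rather than a strict XML parser that would reject the file.
REF_OPEN = re.compile(r"<\s*ref\b", re.IGNORECASE)
HREF_ATTR = re.compile(
    r"""\bhref\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]*))""", re.IGNORECASE
)


def scan_asx(text, max_len=MAX_HREF_LEN):
    """Return (line_number, href_length) for every REF HREF longer than max_len."""
    findings = []
    for tag in REF_OPEN.finditer(text):
        attr = HREF_ATTR.search(text, tag.end())
        if attr is None:
            continue
        gap = text[tag.end():attr.start()]
        if "<" in gap or ">" in gap:
            continue  # that HREF belongs to a later element, not this REF
        # An unterminated quote falls through to the unquoted branch, so the
        # value may start with a stray quote character; drop it before measuring.
        value = next(g for g in attr.groups() if g is not None).lstrip("\"'")
        if len(value) > max_len:
            line = text.count("\n", 0, tag.start()) + 1
            findings.append((line, len(value)))
    return findings


# Constructed samples (not taken from the advisory).
BENIGN = (
    '<asx version="3.0">\n <entry>\n'
    '  <ref href="http://media.example.invalid/clip.wmv" />\n'
    ' </entry>\n</asx>\n'
)
# Mixed case, spaces around "=", and a quote/tag that is never closed.
OVERSIZE = (
    '<ASX VERSION="3.0">\n <ENTRY>\n'
    '  <REF HREF = "http://media.example.invalid/' + "x" * 4000 + "\n"
)

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("oversize", OVERSIZE)):
        print(name, scan_asx(sample))
```

A non-empty result is a reason to quarantine the playlist for review; an empty result does not by itself show the file is safe to open on an affected player.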

References:
http://www.frsirt.com/english/advisories/2006/4882
http://research.eeye.com/html/alerts/zeroday/20061122.html

 
