Vigil@nce: Windows Media Encoder, code execution
September 2008 by Vigil@nce
An attacker can use an ActiveX installed by Windows Media Encoder in order to execute code on victim’s computer.
Consequences: user access/rights
Provenance: internet server
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 10/09/2008
Microsoft Windows 2000 [confidential versions]
Microsoft Windows 2003 [confidential versions]
Microsoft Windows 2008
Microsoft Windows Vista [confidential versions]
Microsoft Windows XP [confidential versions]
The Windows Media Encoder 9 Series product is used to create rich multimedia contents. This product is not installed by default under Windows.
This product installs the WMEX.DLL ActiveX. This ActiveX is tagged as Safe For Scripting, whereas it was not conceived in a secure manner. An attacker can therefore use malicious parameters in order to execute code.
An attacker can thus create a HTML page calling this ActiveX in order to execute code on the computer of the victim displaying the page.
Identifiers: BID-31065, CVE-2008-3008, MS08-053, VIGILANCE-VUL-8099, VU#996227