Vulnerabilities > CVE-2008-5232 - Out-Of-Bounds Write vulnerability in Microsoft Windows 2000 and Windows NT

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
microsoft
CWE-787
critical
exploit available

Summary

Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
OS
Microsoft
2

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionMicrosoft Windows Media Services 'nskey.dll' 4.1 ActiveX Control Remote Buffer Overflow Vulnerability. CVE-2008-5232. Dos exploit for windows platform
idEDB-ID:32294
last seen2016-02-03
modified2008-08-22
published2008-08-22
reporterJeremy Brown
sourcehttps://www.exploit-db.com/download/32294/
titleMicrosoft Windows Media Services 'nskey.dll' 4.1 - ActiveX Control Remote Buffer Overflow Vulnerability