Vulnerabilities > CVE-2008-5745 - Numeric Errors vulnerability in Microsoft Windows Media Player 10/11/9

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
CWE-189
exploit available
NVD
Published: 2008-12-29
Updated: 2024-11-21

Summary

Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927.

Vulnerable Configurations

Part Description Count
Application
Microsoft
3

Common Weakness Enumeration (CWE)

Exploit-Db

  • descriptionMicrosoft Windows Media Player 9/10/11 WAV File Parsing Code Execution Vulnerability. CVE-2008-5745. Remote exploit for windows platform
    idEDB-ID:32684
    last seen2016-02-03
    modified2008-12-29
    published2008-12-29
    reporteranonymous
    sourcehttps://www.exploit-db.com/download/32684/
    titleMicrosoft Windows Media Player 9/10/11 WAV File Parsing Code Execution Vulnerability
  • descriptionMS Windows Media Player * (.WAV) Remote Crash PoC. CVE-2008-5745. Dos exploit for windows platform
    fileexploits/windows/dos/7585.txt
    idEDB-ID:7585
    last seen2016-02-01
    modified2008-12-28
    platformwindows
    port
    published2008-12-28
    reporterlaurent gaffié
    sourcehttps://www.exploit-db.com/download/7585/
    titleMicrosoft Windows Media Player - .WAV Remote Crash PoC
    typedos

References