Required CVE Record Information
Description
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."
References 8 Total
- securitytracker.com: 1021374 vdb-entry
- oval.cisecurity.org: oval:org.mitre.oval:def:5689 vdb-entrysignature
- us-cert.gov: TA08-344A third-party-advisory
- securitytracker.com: 1021375 vdb-entry
- secunia.com: 33058 third-party-advisory
- vupen.com: ADV-2008-3388 vdb-entry
- securityfocus.com: 32654 vdb-entry
- docs.microsoft.com: MS08-076 vendor-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 8 Total
- securitytracker.com: 1021374 vdb-entryx_transferred
- oval.cisecurity.org: oval:org.mitre.oval:def:5689 vdb-entrysignaturex_transferred
- us-cert.gov: TA08-344A third-party-advisoryx_transferred
- securitytracker.com: 1021375 vdb-entryx_transferred
- secunia.com: 33058 third-party-advisoryx_transferred
- vupen.com: ADV-2008-3388 vdb-entryx_transferred
- securityfocus.com: 32654 vdb-entryx_transferred
- docs.microsoft.com: MS08-076 vendor-advisoryx_transferred