Test ID:	1.3.6.1.4.1.25623.1.0.900044
Category:	Windows : Microsoft Bulletins
Title:	Windows Media Encoder 9 Remote Code Execution Vulnerability (954156)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS08-053.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-053. Vulnerability Insight: The flaw is due to a boundary error in the WMEX.DLL ActiveX control. Vulnerability Impact: Remote attackers can execute arbitrary code, if a user views a specially crafted web page, and can successfully exploit to take complete control of an affected system to view, change, or delete, or create new accounts with full user rights. Affected Software/OS: Microsoft Windows Media Encoder 9 on Microsoft Windows 2K/XP/2003. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3008 BugTraq ID: 31065 http://www.securityfocus.com/bid/31065 Cert/CC Advisory: TA08-253A http://www.us-cert.gov/cas/techalerts/TA08-253A.html CERT/CC vulnerability note: VU#996227 http://www.kb.cert.org/vuls/id/996227 https://www.exploit-db.com/exploits/6454 HPdes Security Advisory: HPSBST02372 http://marc.info/?l=bugtraq&m=122235754013992&w=2 HPdes Security Advisory: SSRT080133 Microsoft Security Bulletin: MS08-053 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-053 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6018 http://www.securitytracker.com/id?1020832 http://www.vupen.com/english/advisories/2008/2521
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.