Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Internet » Security Alerts and vulnerabilities » Media Player Remote PNG for windows server
Register Calendar Gallery Mark Forums Read

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 02-09-2005, 01:13 PM
Mobo's Avatar
Mobo Mobo is offline
Thinking outside the box
  
Join Date: Sep 2004
Location: Cape Breton
Posts: 4,574
Send a message via ICQ to Mobo Send a message via AIM to Mobo Send a message via MSN to Mobo Send a message via Yahoo to Mobo Send a message via Skype™ to Mobo
A remote buffer overflow vulnerability affects the Portable Network Graphics (PNG) image format processing functionality of Microsoft Windows Media Player. This issue is due to a failure of the application to properly validate the size of image data prior to copying it into static process buffers.

An attacker may exploit this issue to execute arbitrary code with the privileges of the SYSTEM user. This will facilitate unauthorized access and privilege escalation.

Platforms Affected
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Datacenter Edition 64-bit
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Enterprise Edition 64-bit
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition

Components Affected
Microsoft Windows Media Player 9.0

Recommendations
Run all client software as a non-privileged user with minimal access rights.
Non-administrative software should always be run as an unprivileged user with minimal access rights to reduce the impact of latent vulnerabilities.

Do not accept or execute files from untrusted or unknown sources.
Users should be extremely cautious about loading images that originate from potentially malicious or unknown sources. This may reduce the likelihood of exploitation.

Do not follow links provided by unknown or untrusted sources.
Refusing to follow all links, including links to image files that originate from unknown or untrusted users may reduce the exposure to this issue.

Do not open email messages from unknown or untrusted individuals.
Refusing to open emails from unknown or untrusted individuals or groups that contain PNG image files may reduce exposure to this issue.

Microsoft has released updated to address this vulnerability in supported versions of the software. Fixes for Windows Media Player on Windows 98/98SE/ME may be obtained through Windows Update.

Microsoft Windows Media Player 9.0:

Microsoft Patch Security Update for Windows Media Player 9 Series (KB885492)
http://www.microsoft.com/downloads/details...&displaylang=en
Reply With Quote
Posted


Reply

« Previous Thread | Next Thread »
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
hijack log der Spyware / Virus Removal 46 10-04-2005 06:49 AM
Tauscan Updates LJM Master Software Update Alerts 14 07-01-2005 01:38 PM
Tauscan LJM Master Software Update Alerts 14 06-02-2005 12:12 PM
Windows Media Player ActiveX Control Two Vulnerabi Mobo Security Alerts and vulnerabilities 0 12-20-2004 07:30 PM
Microsoft December security update Mobo News & Announcements 0 12-18-2004 07:30 AM



All times are GMT -5. The time now is 02:28 AM.

Contact Us - CyberAnswers - Archive - Privacy Statement - Top

Firefox 2