Microsoft Windows Media Encoder 9 'wmex.dll' ActiveX Control Remote Buffer Overflow Vulnerability

To exploit this issue an attacker must entice an unsuspecting user to open a malicious web document.

The following proof of concept and exploit are available for Immunity CANVAS:

https://www.immunityinc.com/downloads/immpartners/ms08_053.tar.gz
https://www.immunityinc.com/downloads/immpartners/ms08_053-2.tar.gz

Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

NOTE: Symantec has detected active in-the-wild exploits of this issue.

The following exploit code is available:


 

Privacy Statement
Copyright 2010, SecurityFocus