Vulnerability Description
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | - |
| Microsoft | Windows Nt | 4.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/0808-exploits/wms-overflow.txtExploitThird Party Advisory
- http://securitytracker.com/id?1020733Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/30814Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txtExploitThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44629Third Party AdvisoryVDB Entry
- http://packetstormsecurity.org/0808-exploits/wms-overflow.txtExploitThird Party Advisory
- http://securitytracker.com/id?1020733Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/30814Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txtExploitThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44629Third Party AdvisoryVDB Entry
FAQ
What is CVE-2008-5232?
CVE-2008-5232 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media ...
How severe is CVE-2008-5232?
CVE-2008-5232 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5232?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Nt.