CVE-2008-3010 - OpenCVE

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows Media Player Windows Server 2003 Windows 2000 Windows 2003 Server Windows Xp

Configuration 1 [-]

AND

cpe:2.3:a:microsoft:windows_media_player:6.4:*:*:*:*:*:*:*

OR	cpe:2.3:o:microsoft:windows_2000::sp4::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp1::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp2::::::*
	cpe:2.3:o:microsoft:windows_2003_server::sp2:x64:::::
	cpe:2.3:o:microsoft:windows_server_2003::x64::::::*
	cpe:2.3:o:microsoft:windows_xp:::pro_x64:::::*
	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
	cpe:2.3:o:microsoft:windows_xp::sp2:pro_x64:::::
	cpe:2.3:o:microsoft:windows_xp::sp3::::::*

References

Link	Resource
http://secunia.com/advisories/33058
http://www.securityfocus.com/bid/32654
http://www.securitytracker.com/id?1021374
http://www.securitytracker.com/id?1021375
http://www.us-cert.gov/cas/techalerts/TA08-344A.html	US Government Resource
http://www.vupen.com/english/advisories/2008/3388
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: microsoft

Published: 2008-12-10T13:33:00

Updated: 2018-10-12T19:57:01

Reserved: 2008-07-07T00:00:00

Link: CVE-2008-3010

JSON object: View

NVD Information

Status : Modified

Published: 2008-12-10T14:00:00.753

Modified: 2018-10-12T21:47:48.387

Link: CVE-2008-3010

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-09T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka \"ISATAP Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "1021374", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021374"}, {"name": "oval:org.mitre.oval:def:5689", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689"}, {"name": "TA08-344A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html"}, {"name": "1021375", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021375"}, {"name": "33058", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33058"}, {"name": "ADV-2008-3388", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/3388"}, {"name": "32654", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32654"}, {"name": "MS08-076", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2008-3010", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka \"ISATAP Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1021374", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021374"}, {"name": "oval:org.mitre.oval:def:5689", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689"}, {"name": "TA08-344A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html"}, {"name": "1021375", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021375"}, {"name": "33058", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33058"}, {"name": "ADV-2008-3388", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/3388"}, {"name": "32654", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32654"}, {"name": "MS08-076", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076"}]}}}}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2008-3010", "datePublished": "2008-12-10T13:33:00", "dateReserved": "2008-07-07T00:00:00", "dateUpdated": "2018-10-12T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_media_player:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "1CE4EC55-63B7-409E-9E4D-DBC5A36D2F5A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*", "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*", "matchCriteriaId": "6881476D-81A2-4DFD-AC77-82A8D08A0568", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:x64:*:*:*:*:*:*", "matchCriteriaId": "39956C56-FB39-485B-9BD6-B92807681676", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:pro_x64:*:*:*:*:*", "matchCriteriaId": "29EDE745-5A26-42BF-AFDE-7D985BB09D44", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:pro_x64:*:*:*:*:*", "matchCriteriaId": "2D48D876-6A88-4B52-9322-9F019BFA19B9", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka \"ISATAP Vulnerability.\""}, {"lang": "es", "value": "Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 hasta 11, y Windows Media Services 4.1 y 9 incorrectamente asociados a direcciones ISATAP con la zona Intranet local, el cual permite a los servidores remotos capturar credenciales NTLM, y ejecutar arbitrariamente c\u00f3digo a trav\u00e9s de un ataque \"credential-reflection\", enviado una petici\u00f3n de autenticaci\u00f3n, alias \"Vulnerabilidad ISATAP \"."}], "id": "CVE-2008-3010", "lastModified": "2018-10-12T21:47:48.387", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-12-10T14:00:00.753", "references": [{"source": "secure@microsoft.com", "url": "http://secunia.com/advisories/33058"}, {"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/32654"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021374"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id?1021375"}, {"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-344A.html"}, {"source": "secure@microsoft.com", "url": "http://www.vupen.com/english/advisories/2008/3388"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}