CVE-2008-3010: CVE-2008-3010

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-3010

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsoft Windows ISATAP URL处理信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Windows媒体组件包括Windows Media Player、Windows Media Format Runtime和Windows Media Services等多种服务和应用。 Windows的媒体组件在确定区的时候会处理ISATAP地址，但没有将ISATAP服务器地址处理为Internet区地址，而是归类为Intranet区。由于可能向Internet上的不可信任目标发送NTLM认证数据，这就可能导致信息泄露。远程攻击者可以通过回放攻击获得NTLM凭据，并通过该凭据以目标用户的权限进行非授权

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-3010

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-3010

Please Login to view more intelligence information

http://secunia.com/advisories/33058third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/32654vdb-entryx_refsource_BID
http://www.securitytracker.com/id?1021375vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1021374vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076vendor-advisoryx_refsource_MS
http://www.vupen.com/english/advisories/2008/3388vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2008-3010

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-3010

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-3010

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-3010

III. Intelligence Information for CVE-2008-3010

IV. Related Vulnerabilities

V. Comments for CVE-2008-3010

Leave a comment