cpe:/a:microsoft:windows_media_encoder:9_series cpe:/o:microsoft:windows-nt:2000:sp4 cpe:/o:microsoft:windows-nt:2003::x64 cpe:/o:microsoft:windows-nt:2003:sp1 cpe:/o:microsoft:windows-nt:2003:sp2 cpe:/o:microsoft:windows-nt:2003:sp2:x64 cpe:/o:microsoft:windows-nt:xp:sp2 cpe:/o:microsoft:windows-nt:xp:sp2:x64 cpe:/o:microsoft:windows-nt:xp:sp3 CVE-2008-3008 2008-09-10T21:11:47.057-04:00 2017-09-28T21:31:28.477-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2016-11-08T09:09:17.090-05:00 ALLOWS_ADMIN_ACCESS SECTRACK 1020832 BID 31065 EXPLOIT-DB 6454 VUPEN ADV-2008-2521 HP HPSBST02372 IAVM IAVM:2008-B-0057 MS MS08-053 HP SSRT080133 CERT TA08-253A CERT-VN VU#996227 Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."