ISATAP VulnerabilityID: oval:org.mitre.oval:def:5689 | Date: (C)2008-12-10 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Product: |
Windows Media Player 6.4 |
Windows Media Server 4.1 |
Windows Media Server 9 |
Windows Media Format Runtime 7.1 |
Windows Media Format Runtime 9.5 |
Windows Media Format Runtime 11 |