CVE-2008-3010

CVE-2008-3010 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."

Learn more about our Cis Benchmark Audit For Server Software.