{"result": {"cve": [{"id": "CVE-2010-0265", "type": "cve", "title": "CVE-2010-0265", "description": "Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka \"Movie Maker and Producer Buffer Overflow Vulnerability.\"", "published": "2010-03-10T17:30:01", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0265", "cvelist": ["CVE-2010-0265"], "lastseen": "2017-09-19T13:36:50"}], "saint": [{"id": "SAINT:B6369738F65BDCBE2EB736FB2F2098D4", "type": "saint", "title": "Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow", "description": "Added: 05/19/2010 \nCVE: [CVE-2010-0265](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0265>) \nBID: [38515](<http://www.securityfocus.com/bid/38515>) \nOSVDB: [62811](<http://www.osvdb.org/62811>) \n\n\n### Background\n\n[Windows Movie Maker](<http://www.microsoft.com/windowsxp/downloads/updates/moviemaker2.mspx>) is software for creating and editing home movies. \n\n### Problem\n\nA buffer overflow vulnerability in the IsValidWMToolsStream function allows command execution when a user opens a specially crafted .MSWMM file. \n\n### Resolution\n\nApply the update referenced in [Microsoft Security Bulletin 10-016](<http://www.microsoft.com/technet/security/bulletin/MS10-016.mspx>). \n\n### References\n\n<http://seclists.org/fulldisclosure/2010/Mar/173> \n\n\n### Limitations\n\nExploit works on Windows Movie Maker 2.1 and requires a user to open the exploit file. \n\n### Platforms\n\nWindows XP \n \n\n", "published": "2010-05-19T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/ms_movie_maker_isvalid", "cvelist": ["CVE-2010-0265"], "lastseen": "2016-10-03T15:01:56"}, {"id": "SAINT:78DCBFB71B7236C703750A96712A4BAA", "type": "saint", "title": "Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow", "description": "Added: 05/19/2010 \nCVE: [CVE-2010-0265](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0265>) \nBID: [38515](<http://www.securityfocus.com/bid/38515>) \nOSVDB: [62811](<http://www.osvdb.org/62811>) \n\n\n### Background\n\n[Windows Movie Maker](<http://www.microsoft.com/windowsxp/downloads/updates/moviemaker2.mspx>) is software for creating and editing home movies. \n\n### Problem\n\nA buffer overflow vulnerability in the IsValidWMToolsStream function allows command execution when a user opens a specially crafted .MSWMM file. \n\n### Resolution\n\nApply the update referenced in [Microsoft Security Bulletin 10-016](<http://www.microsoft.com/technet/security/bulletin/MS10-016.mspx>). \n\n### References\n\n<http://seclists.org/fulldisclosure/2010/Mar/173> \n\n\n### Limitations\n\nExploit works on Windows Movie Maker 2.1 and requires a user to open the exploit file. \n\n### Platforms\n\nWindows XP \n \n\n", "published": "2010-05-19T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/ms_movie_maker_isvalid", "cvelist": ["CVE-2010-0265"], "lastseen": "2016-12-14T16:58:05"}, {"id": "SAINT:5DCC9664E943DA26775DAB6A460DB2C1", "type": "saint", "title": "Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow", "description": "Added: 05/19/2010 \nCVE: [CVE-2010-0265](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0265>) \nBID: [38515](<http://www.securityfocus.com/bid/38515>) \nOSVDB: [62811](<http://www.osvdb.org/62811>) \n\n\n### Background\n\n[Windows Movie Maker](<http://www.microsoft.com/windowsxp/downloads/updates/moviemaker2.mspx>) is software for creating and editing home movies. \n\n### Problem\n\nA buffer overflow vulnerability in the IsValidWMToolsStream function allows command execution when a user opens a specially crafted .MSWMM file. \n\n### Resolution\n\nApply the update referenced in [Microsoft Security Bulletin 10-016](<http://www.microsoft.com/technet/security/bulletin/MS10-016.mspx>). \n\n### References\n\n<http://seclists.org/fulldisclosure/2010/Mar/173> \n\n\n### Limitations\n\nExploit works on Windows Movie Maker 2.1 and requires a user to open the exploit file. \n\n### Platforms\n\nWindows XP \n \n\n", "published": "2010-05-19T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/ms_movie_maker_isvalid", "cvelist": ["CVE-2010-0265"], "lastseen": "2017-01-10T14:03:44"}], "nessus": [{"id": "SMB_NT_MS10-016.NASL", "type": "nessus", "title": "MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)", "description": "The remote Windows host contains a version of Windows Movie Maker that is affected by a buffer overflow vulnerability due to the way the application parses project file formats.\n\nIf an attacker can trick a user on the affected system into opening a specially crafted Movie Maker or Producer file using the affected application, this issue could be leveraged to execute arbitrary code subject to the user's privileges.", "published": "2010-03-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=45020", "cvelist": ["CVE-2010-0265"], "lastseen": "2017-10-29T13:41:50"}], "openvas": [{"id": "OPENVAS:1361412562310900232", "type": "openvas", "title": "Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (975561)", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS10-016.", "published": "2010-03-10T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900232", "cvelist": ["CVE-2010-0265"], "lastseen": "2018-01-02T10:54:51"}, {"id": "OPENVAS:900232", "type": "openvas", "title": "Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability (975561)", "description": "This host is missing a critical security update according to\n Microsoft Bulletin MS10-016.", "published": "2010-03-10T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=900232", "cvelist": ["CVE-2010-0265"], "lastseen": "2017-07-02T21:10:02"}], "seebug": [{"id": "SSV:69768", "type": "seebug", "title": "Movie Maker- Remote Code Execution (MS10-016)", "description": "No description provided by source.", "published": "2014-07-01T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-69768", "cvelist": ["CVE-2010-0265"], "lastseen": "2017-11-19T15:36:45"}], "packetstorm": [{"id": "PACKETSTORM:93497", "type": "packetstorm", "title": "Month Of Abysssec Undisclosed Bugs - Movie Maker", "description": "", "published": "2010-09-06T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://packetstormsecurity.com/files/93497/Month-Of-Abysssec-Undisclosed-Bugs-Movie-Maker.html", "cvelist": ["CVE-2010-0265"], "lastseen": "2016-12-05T22:25:09"}]}}