SAINT CorporationSAINT:42AE76DB5B65E5237B566B630C061742Microsoft Windows Media Player DVR-MS File Code Execution
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.56 Medium
EPSS
Percentile
97.7%
Added: 03/14/2011
CVE: CVE-2011-0042
BID: 46680
OSVDB: 71016
Background
Windows Media Player is an audio and video media player for Windows platforms.
Problem
A file parsing error in Windows Media Player allows command execution when a user opens a specially crafted Digital Video Recording (DVR-MS) image file.
Resolution
Apply the patch referenced in Microsoft Security Bulletin 11-015.
References
<http://secunia.com/advisories/43626/>
Limitations
This exploit works on Microsoft Windows Media Player 11.0.6002.18005.
The user must open the HTML page on the target using Internet Explorer 7.
The executable smbclient must be available on the exploit server.
A valid SMB user with permission to write to the specified SMB share is required. The smb password is not allowed to contain single quotes (').
Platforms
Windows
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.56 Medium
EPSS
Percentile
97.7%