Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:553BEEE55BA1B5B57DC8496A783C56A1
HistoryMar 14, 2011 - 12:00 a.m.

Microsoft Windows Media Player DVR-MS File Code Execution

2011-03-1400:00:00
SAINT Corporation
www.saintcorporation.com
20

EPSS

0.56

Percentile

97.7%

JSON

Added: 03/14/2011
CVE: CVE-2011-0042
BID: 46680
OSVDB: 71016

Background

Windows Media Player is an audio and video media player for Windows platforms.

Problem

A file parsing error in Windows Media Player allows command execution when a user opens a specially crafted Digital Video Recording (DVR-MS) image file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 11-015.

References

<http://secunia.com/advisories/43626/&gt;

Limitations

This exploit works on Microsoft Windows Media Player 11.0.6002.18005.

The user must open the HTML page on the target using Internet Explorer 7.

The executable smbclient must be available on the exploit server.

A valid SMB user with permission to write to the specified SMB share is required. The smb password is not allowed to contain single quotes (').

Platforms

Windows

Related

saint 3
cve 1
nvd 1
cvelist 1
checkpoint_advisories 1
prion 1
nessus 1
openvas 2
mskb 1
securityvulns 1
saint
saint
Microsoft Windows Media Player DVR-MS File Code Execution
2011-03-14 00:00:00
Microsoft Windows Media Player DVR-MS File Code Execution
2011-03-14 00:00:00
Microsoft Windows Media Player DVR-MS File Code Execution
2011-03-14 00:00:00
cve
cve
CVE-2011-0042
2011-03-09 23:00:01
nvd
nvd
CVE-2011-0042
2011-03-09 23:00:01
cvelist
cvelist
CVE-2011-0042
2011-03-09 22:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Media Player DVR-MS Files Code Execution (MS11-015; CVE-2011-0042)
2011-03-08 00:00:00
prion
prion
Design/Logic Flaw
2011-03-09 23:00:00
nessus
nessus
MS11-015: Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)
2011-03-08 00:00:00
openvas
openvas
Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)
2011-03-09 00:00:00
Microsoft Windows Media Remote Code Execution Vulnerabilities (2510030)
2011-03-09 00:00:00
mskb
mskb
MS11-015: Vulnerability in Microsoft DirectShow could allow remote code execution: March 8, 2011
2011-03-08 00:00:00
securityvulns
securityvulns
Microsoft Windows multiple security vulnerabilities
2011-03-09 00:00:00

EPSS

0.56

Percentile

97.7%

JSON
Related for SAINT:553BEEE55BA1B5B57DC8496A783C56A1
saint3cve1nvd1cvelist1checkpoint_advisories1prion1nessus1openvas2mskb1securityvulns1