9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.923 High
EPSS
Percentile
98.9%
Added: 05/19/2010
CVE: CVE-2010-0265
BID: 38515
OSVDB: 62811
Windows Movie Maker is software for creating and editing home movies.
A buffer overflow vulnerability in the IsValidWMToolsStream function allows command execution when a user opens a specially crafted .MSWMM file.
Apply the update referenced in Microsoft Security Bulletin 10-016.
<http://seclists.org/fulldisclosure/2010/Mar/173>
Exploit works on Windows Movie Maker 2.1 and requires a user to open the exploit file.
Windows XP