27 matches found
EUVD-2009-2371
Malware in sbrugna...
EUVD-2017-0412
Malware in sbrugna...
CVE-2017-0045
Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."...
CVE-2017-0045
Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."...
Cross site request forgery (csrf)
Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."...
CVE-2017-0045
CVE-2017-0045 is a Windows DVD Maker XML External Entity (XXE) information-disclosure vulnerability affecting Windows 7 SP1, Windows Server 2008 SP2/R2 SP1, and Windows Vista SP2. The vulnerability arises when parsing crafted .msdvd files, enabling an attacker to access local files information on...
CVE-2017-0045
Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."...
Microsoft Windows DVD Maker 6.1.7 - XML External Entity Injection
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ================= Windows DVD Maker...
Microsoft Windows DVD Maker 6.1.7 - XML External Entity Injection
Microsoft Windows DVD Maker 6.1.7 - XML External Entity Injection + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: =================...
Windows DVD Maker 6.1.7 - XML External Entity Injection Vulnerability
Exploit for windows platform in category local exploits + Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: =================...
Windows DVD Maker 6.1.7 XXE Injection
Credits: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ================= Windows DVD Maker...
Microsoft Windows DVD Maker Cross-Site Request Forgery Vulnerability (3208223)
This host is missing an important security update according to Microsoft Bulletin MS17-020. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1
March 2017 Security Only Quality Update for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows 7 SP1 and Windows Server 2008 R2 SP1: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for...
Windows DVD Maker XML External Entity Information Disclosure Vulnerability
An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system. To exploit the vulnerability, an...
MS17-020: Security Update for Windows DVD Maker (3208223)
The remote Windows host is missing a security update. It is, therefore, affected by an information disclosure vulnerability in Windows DVD Maker due to improper parsing of .msdvd files. An unauthenticated, remote attacker can exploit this issue, by convincing a user to execute a specially crafted...
MS17-020: Security update for Windows DVD Maker: March 14, 2017
Resolves an information disclosure vulnerability in Windows DVD Maker. This vulnerability could allow an attacker to obtain information to further compromise a targeted system.SummaryTo learn more about the vulnerability that this update fixes, see Microsoft Security Bulletin MS17-020. More...
Microsoft Windows DVD Maker CVE-2017-0045 Cross Site Request Forgery Vulnerability
Description Microsoft Windows DVD Maker is prone to an unspecified cross-site request forgery vulnerability because it fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application...
KLA10987 Information disclosure in Windows DVD Maker
An improper parsing of .msdvd files was found in Windows DVD maker. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a specially designed .msdvd file. Original advisories MS17-020 CVE-2017-0045 Exploitation Public...
Photo DVD Maker Pro <= 8.02 (.pdm) Local BOF Exploit (SEH)
No description provided by source.  | || | / \ | | | | | | | | | - | | | / / | | |||| || // / |\ || + Bug : Photo DVD Maker .pdm Local Buffer Overflow Exploit SEH + Refer : Secunia advisory 35709 + Exploit : His0k4 + Tested on : Windows XP SP3 + Description: The program filters some chars i...
Photo DVD Maker Pro 8.02 - .pdm Local Buffer Overflow (SEH)
Photo DVD Maker Pro 8.02 - .pdm Local Buffer Overflow SEH  | || | / \ | | | | | | | | | -open header1 = "\x3c\x3f\x78\x6d\x6c\x20\x76\x65\x72\x73\x69\x6f\x6e\x3d\x22\x31\x2e\x30\x22\x20" header1 += "\x65\x6e\x63\x6f\x64\x69\x6e\x67\x3d\x22\x55\x54\x46\x2d\x38\x22\x20\x3f\x3e\x0a" header1 +=...