8 matches found
Microsoft Media Foundation Information Disclosure Vulnerability
Microsoft Media Foundation, a next-generation multimedia platform for Windows, is vulnerable to information disclosure. An attacker could use this vulnerability to obtain sensitive information...
Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-based multimedia...
Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability
Summary An exploitable code execution vulnerability exists in the CQTMetadataKeysAtom GetKeyForIndex functionality of Microsoft Corporation Microsoft Media Foundation 10.0.18362.476. A specially crafted malformed file can cause code execution resulting in remote code execution. An attacker can...
Vulnerability Spotlight: Code execution vulnerability in Microsoft Media Foundation
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation’s framework contains a code execution vulnerability. This specific bug lies in Media Foundations’ MPEG4 DLL. An attacker could provide a user with a specially crafted ASF file to exploit this...
Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability
Summary An exploitable type confusion vulnerability exists in the mfasfsrcsnk.dll of Microsoft Media Foundation 10.0.18362.207. A specially crafted ASF file can cause type confusion, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...
Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday discloses 75 vulnerabilities, 13 of which are considered "critical," with the rest being deemed "important." This month’s security...
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Media Foundation
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation’s framework contains a remote code execution vulnerability that exists due to a use-after-free condition. This specific bug lies in Media Foundation's MPEG4 DLL. An attacker could provide a...
Microsoft Windows Media Format MP3 Metadata Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that arises when an affected Windows component handles a malicious MP3 file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will...