5 results (0.009 seconds)

CVSS: 6.8EPSS: 53%CPEs: 17EXPL: 0

CVE-2014-4060 – Microsoft Windows Media Center CSyncBasePlayer Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2014-4060

Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability." Vulnerabilidad de uso después de liberación en MCPlayer.dll en Microsoft Windows Media Center TV Pack para Windows Vista, Windows 7 SP1, y Windows Media Center para Windows 8 y 8.1 permite a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado que provoca la eliminación de un objeto CSyncBasePlayer, también conocido como 'vulnerabilidad de uso después de liberación de CSyncBasePlayer.' This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Microsoft Windows Media Center. By providing a specially crafted Office document, it is possible to corrupt certain allocations that lead to memory corruption. • http://secunia.com/advisories/60671 http://www.securityfocus.com/bid/69093 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-043 • CWE-416: Use After Free •

CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2011-2009

https://notcve.org/view.php?id=CVE-2011-2009

Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability." Una vulnerabilidad de ruta de búsqueda no confiable en Windows Media Center de Microsoft Windows Vista SP2 y Windows 7 Gold y SP1, y Windows Media Center TV Pack para Windows Vista, permite a usuarios locales conseguir privilegios a través de un caballo de Troya en una DLL en el directorio actual de trabajo. También conocida como "Vulnerabilidad de carga de librería insegura del Media Center. " • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12934 •

CVSS: 9.3EPSS: 56%CPEs: 11EXPL: 0

CVE-2011-0042

https://notcve.org/view.php?id=CVE-2011-0042

SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability." SBE.dll de Stream Buffer Engine de Windows Media Player y Windows Media Center de Microsoft Windows XP SP2 y SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 y SP2, Windows 7 Gold y SP1, y Windows Media Center TV Pack para Windows Vista no procesa apropiadamente ficheros Digital Video Recording (.dvr-ms), lo que permite a atacantes remotos ejecutar código arbitrario a través de un fichero modificado. También coocido como "vulnerabilidad DVR-MS". • http://osvdb.org/71016 http://secunia.com/advisories/43626 http://www.securityfocus.com/bid/46680 http://www.securitytracker.com/id?1025169 http://www.us-cert.gov/cas/techalerts/TA11-067A.html http://www.vupen.com/english/advisories/2011/0615 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12281 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 28%CPEs: 9EXPL: 0

CVE-2011-0032

https://notcve.org/view.php?id=CVE-2011-0032

Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg file, aka "DirectShow Insecure Library Loading Vulnerability." Vulnerabilidad de ruta de búsqueda no confiable en DirectShow de Microsoft Windows Vista SP1 y SP2, Windows 7 Gold y SP1, Windows Server 2008 R2 y R2 SP1, y Windows Media Center TV Pack para Windows Vista permite a usuarios locales escalar privilegios a través de una DLL troyanizada en el directorio de trabajo actual, como se ha demostrado con un directorio que contiene una grabación de Digital Video(.dvr-ms), Windows Recorded TV Show (.wtv) o .mpg file. También conocido como "Vulnerabilidad de carga de librerías inseguras DirectShow". • http://osvdb.org/71015 http://secunia.com/advisories/43626 http://www.securityfocus.com/bid/46682 http://www.securitytracker.com/id?1025170 http://www.us-cert.gov/cas/techalerts/TA11-067A.html http://www.vupen.com/english/advisories/2011/0615 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12506 •

CVSS: 5.0EPSS: 19%CPEs: 67EXPL: 1

CVE-2004-1305 – Microsoft Windows Kernel - '.ANI' File Parsing Crash

https://notcve.org/view.php?id=CVE-2004-1305

The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory address to be used and leads to a kernel crash, or (2) the rate number set to zero, which leads to resource exhaustion and hang. • https://www.exploit-db.com/exploits/721 http://marc.info/?l=bugtraq&m=110382854111833&w=2 http://www.kb.cert.org/vuls/id/177584 http://www.kb.cert.org/vuls/id/697136 http://www.us-cert.gov/cas/techalerts/TA05-012A.html http://www.xfocus.net/flashsky/icoExp https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-002 https://exchange.xforce.ibmcloud.com/vulnerabilities/18667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.o •