Page 2 of 60 results (0.006 seconds)

CVSS: 9.3EPSS: 86%CPEs: 5EXPL: 0

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability." El códec de vídeo Microsoft WMV en wmv9vcm.dll, wmvdmod.dll en Windows Media Format Runtime v9 y v9.5, y wmvdecod.dll en Windows Media Format Runtime 11 y Windows Media Player v11 y v12 permite a atacantes remotos a ejecutar código a través de ficheros multimedia manipulados, tambíen conocido como "WMV Video Decoder Remote Code Execution Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the ASF Header Object where the initial value of a for loop is not properly sanitized. An integer underflow can occur resulting in a buffer overflow. • http://www.us-cert.gov/ncas/alerts/TA13-190A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-057 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16998 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 94%CPEs: 28EXPL: 1

Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability." Microsoft Windows Media Player (WMP) v9 hasta v12 no asigna adecuadamente ojetos durante la acción de recarga de buscador, lo que permite a atacantes asistidos por usuarios remotos ejecutar código de su elección a través de contenido desferenciado media manipulado en un documento HTML, también conocido como "Vulnerabilidad de corrupción de memoria Windows Media Player". • https://www.exploit-db.com/exploits/15242 http://www.securitytracker.com/id?1024550 http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-082 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6653 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 97%CPEs: 3EXPL: 4

Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information. Una vulnerabilidad de ruta (path) de búsqueda no confiable en el Códec Indeo en el archivo iac25_32.ax en Microsoft Windows XP SP3, permite a los usuarios locales alcanzar privilegios por medio de un archivo iacenc.dll de tipo caballo de Troya en el directorio de trabajo actual, como es demostrado por el acceso por medio de BS.Player o Media Player Classic a un directorio que contiene un archivo .avi, .mka, .ra o .ram, también se conoce como "Indeo Codec Insecure Library Loading Vulnerability" NOTA: algunos de estos datos se obtienen de información de terceros. • https://www.exploit-db.com/exploits/14765 https://www.exploit-db.com/exploits/14788 http://osvdb.org/67588 http://secunia.com/advisories/41114 http://www.exploit-db.com/exploits/14765 http://www.exploit-db.com/exploits/14788 http://www.us-cert.gov/cas/techalerts/TA12-045A.html http://www.vupen.com/english/advisories/2010/2190 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4956.php https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-0 •

CVSS: 10.0EPSS: 85%CPEs: 6EXPL: 0

Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) 9 on Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted media content, aka "Media Player Remote Code Execution Vulnerability." Vulnerabilidad no especificada en el control ActiveX de Windows Media Player (WMP) 9 en Microsoft Windows 2000 SP4 y XP SP2 y SP3 permite a atacantes remotos ejecutar código de su elección a través de contenido media manipulada, conocido como "Media Player Remote Code Execution Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The specific flaw exists within the functionality for retrieving a codec for an unknown fourCC compression code. If an embedded Windows Media Player control attempts to play a media file containing an unknown codec it makes a request to Microsoft to retrieve the necessary capability. • http://www.us-cert.gov/cas/techalerts/TA10-103A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7281 •

CVSS: 4.3EPSS: 97%CPEs: 3EXPL: 2

Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Windows Media Player 11 no convierte correctamente el colorspace, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código arbitrario a través de un archivo .AVI manipulado. NOTA: la procedencia de esta información es desconocida, los detalles son obtenidos exclusivamente de la información de terceros. • https://www.exploit-db.com/exploits/33770 http://www.securityfocus.com/bid/38790 https://exchange.xforce.ibmcloud.com/vulnerabilities/57205 •