CVSS: 9.3EPSS: 51%CPEs: 18EXPL: 0CVE-2010-3965
https://notcve.org/view.php?id=CVE-2010-3965
16 Dec 2010 — Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Windows Media Profile (PRX) file, aka "Insecure Library Loading Vulnerability." Vulnerabilidad de ruta de búsqueda no confiable en Windows Media Encoder 9 en Microsoft Windows XP SP... • http://www.securityfocus.com/bid/42855 •
CVSS: 9.3EPSS: 57%CPEs: 10EXPL: 0CVE-2010-1879
https://notcve.org/view.php?id=CVE-2010-1879
08 Jun 2010 — Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability." Vulnerabilidad no especificada en Quartz.dll para DirectShow, Windows Media Format Runtime v9, v9.5 y v11; Media Encoder v9, y el componente COM Asycfilt.dll permite a atacantes remotos ejecutar código a su elección a tr... • http://www.us-cert.gov/cas/techalerts/TA10-159B.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 80%CPEs: 11EXPL: 2CVE-2008-3008 – Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
https://notcve.org/view.php?id=CVE-2008-3008
10 Sep 2008 — Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability." Desbordamiento de búfer basado en pila en el control WMEncProfileManager ActiveX en wmex.dll en Microsoft Windows Media Encoder 9 Series permite a atacantes remotos ejecutar un código arbitrario a través de un primer ar... • https://www.exploit-db.com/exploits/16521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •