CVE-2011-0042
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability."
SBE.dll de Stream Buffer Engine de Windows Media Player y Windows Media Center de Microsoft Windows XP SP2 y SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 y SP2, Windows 7 Gold y SP1, y Windows Media Center TV Pack para Windows Vista no procesa apropiadamente ficheros Digital Video Recording (.dvr-ms), lo que permite a atacantes remotos ejecutar código arbitrario a través de un fichero modificado. También coocido como "vulnerabilidad DVR-MS".
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2010-12-10 CVE Reserved
- 2011-03-09 CVE Published
- 2025-01-21 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/71016 | Vdb Entry | |
| http://secunia.com/advisories/43626 | Third Party Advisory | |
| http://www.securityfocus.com/bid/46680 | Vdb Entry | |
| http://www.securitytracker.com/id?1025169 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA11-067A.html | Third Party Advisory | |
| http://www.vupen.com/english/advisories/2011/0615 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12281 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015 | 2023-12-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows Media Center Tv Pack Search vendor "Microsoft" for product "Windows Media Center Tv Pack" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | x32 |
Affected
|
| Microsoft Search vendor "Microsoft" | Windows Media Center Tv Pack Search vendor "Microsoft" for product "Windows Media Center Tv Pack" | * | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | x64 |
Affected
|
| Microsoft Search vendor "Microsoft" | Windows Xp Media Center Search vendor "Microsoft" for product "Windows Xp Media Center" | 2005 Search vendor "Microsoft" for product "Windows Xp Media Center" and version "2005" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | - | sp1, x86 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Vista Search vendor "Microsoft" for product "Windows Vista" | * | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp2, x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Xp Search vendor "Microsoft" for product "Windows Xp" | * | sp3 |
Affected
| ||||||