// For flags

CVE-2013-3127

Microsoft Windows Media Player WMV Parsing Remote Code Execution Vulnerability

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability."

El códec de vídeo Microsoft WMV en wmv9vcm.dll, wmvdmod.dll en Windows Media Format Runtime v9 y v9.5, y wmvdecod.dll en Windows Media Format Runtime 11 y Windows Media Player v11 y v12 permite a atacantes remotos a ejecutar código a través de ficheros multimedia manipulados, tambíen conocido como "WMV Video Decoder Remote Code Execution Vulnerability."

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of the ASF Header Object where the initial value of a for loop is not properly sanitized. An integer underflow can occur resulting in a buffer overflow. This can be leveraged to gain remote code execution under the context of the user.

*Credits: FuzzMyApp
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-04-17 CVE Reserved
  • 2013-07-10 CVE Published
  • 2024-08-03 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
Windows Media Format Runtime
Search vendor "Microsoft" for product "Windows Media Format Runtime"
9
Search vendor "Microsoft" for product "Windows Media Format Runtime" and version "9"
-
Affected
Microsoft
Search vendor "Microsoft"
Windows Media Format Runtime
Search vendor "Microsoft" for product "Windows Media Format Runtime"
9.5
Search vendor "Microsoft" for product "Windows Media Format Runtime" and version "9.5"
-
Affected
Microsoft
Search vendor "Microsoft"
Windows Media Format Runtime
Search vendor "Microsoft" for product "Windows Media Format Runtime"
11
Search vendor "Microsoft" for product "Windows Media Format Runtime" and version "11"
-
Affected
Microsoft
Search vendor "Microsoft"
Windows Media Player
Search vendor "Microsoft" for product "Windows Media Player"
11
Search vendor "Microsoft" for product "Windows Media Player" and version "11"
-
Affected
Microsoft
Search vendor "Microsoft"
Windows Media Player
Search vendor "Microsoft" for product "Windows Media Player"
12
Search vendor "Microsoft" for product "Windows Media Player" and version "12"
-
Affected