[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-0042

Date: (C)2011-03-09   (M)2017-09-22
 
CVSS Score: 9.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability."

Reference:
SECTRACK-1025169
SECUNIA-43626
BID-46680
OSVDB-71016
ADV-2011-0615
IAVM:2011-A-0031
MS11-015
TA11-067A

CPE    12
cpe:/a:microsoft:windows_media_center_tv_pack
cpe:/o:microsoft:windows_vista::sp1
cpe:/o:microsoft:windows_xp::sp2:x64
cpe:/o:microsoft:windows_7:-:sp1:x32
...
CWE    1
CWE-20
OVAL    2
oval:org.secpod.oval:def:298
oval:org.secpod.oval:def:1039

© 2013 SecPod Technologies