This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through Microsoft's
C run-time library.
The remote host contains a version of Microsoft's C run-time library
that is affected by a buffer overflow vulnerability.
An attacker who tricked a user on the affected host into opening a
specially crafted media file could leverage this issue to execute
arbitrary code in the context of the current user.
See also :
Microsoft has released a set of patches for Windows Vista, 2008, 7,
and 2008 R2.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false