Detections
Analytics

MS10-075: Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) (uncredentialed check)

high Nessus Plugin ID 50000

Language:

Synopsis

It is possible to execute arbitrary code on the remote Windows host using the Microsoft Windows Media Player Network Sharing Service.

Description

A use-after-free vulnerability exists in the Microsoft Windows Media Player Network Sharing Service installed on the remote host.

By sending a specially crafted Real Time Streaming Protocol (RTSP) packet to the affected service, a remote attacker may be able to leverage this vulnerability to execute arbitrary code in the security context of the Network Service account.

Solution

Microsoft has released a set of patches for Windows Vista and Windows 7.

See Also

http://www.microsoft.com/technet/security/Bulletin/MS10-075.mspx

Plugin Details

Severity: High

ID: 50000

File Name: rtsp-useafterfree-ms10-075.nbin

Version: 1.93

Type: remote

Agent: windows

Family: Windows

Published: 10/18/2010

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-3225

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: upnp/serialNumber

Exploit Ease: No known exploits are available

Patch Publication Date: 10/12/2010

Vulnerability Publication Date: 10/12/2010

Reference Information

CVE: CVE-2010-3225

BID: 43776

IAVA: 2010-A-0141-S

MSFT: MS10-075

MSKB: 2281679