MS11-092: Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)

high Nessus Plugin ID 57278

Synopsis

The version of Windows Media installed on the remote host has a memory corruption vulnerability.

Description

The Windows Media Player or Windows Media Center install on the remote Windows host is affected by the following vulnerability :

- A memory corruption vulnerability could be triggered when parsing a specially crafted DVR-MS (Microsoft Digital Video Recording) file. (CVE-2011-3401)

If a remote attacker can trick a user into opening a malicious DVR-MS file using the affected install, this vulnerability could be leveraged to execute arbitrary code subject to the user's privileges.

Solution

Microsoft has released a set of patches for Windows XP, Vista, and 7.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2011/ms11-092

Plugin Details

Severity: High

ID: 57278

File Name: smb_nt_ms11-092.nasl

Version: 1.19

Type: local

Agent: windows

Published: 12/13/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 12/13/2011

Vulnerability Publication Date: 12/13/2011

Reference Information

CVE: CVE-2011-3401

BID: 50957

IAVA: 2011-A-0171

MSFT: MS11-092

MSKB: 2619339, 2619340