MS13-056: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)

This script is Copyright (C) 2013-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host is potentially affected by a remote code
execution vulnerability.

Description :

The remote Windows host is potentially affected by a vulnerability that
could allow remote code execution if a user opens a malicious image
file. Successful exploitation of this vulnerability could allow an
attacker to gain the same user rights as the local user.

See also :

Solution :

Microsoft has released a set of patches for Windows XP, 2003, Vista, 7,
2008, 2008 R2, 8, and 2012.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 67213 ()

Bugtraq ID: 60979

CVE ID: CVE-2013-3174

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now