MS11-092: Vulnerability in Windows Media Could Allow Remote Code Execution (2648048)
High Nessus Plugin ID 57278
SynopsisThe version of Windows Media installed on the remote host has a memory corruption vulnerability.
DescriptionThe Windows Media Player or Windows Media Center install on the remote Windows host is affected by the following vulnerability :
- A memory corruption vulnerability could be triggered when parsing a specially crafted DVR-MS (Microsoft Digital Video Recording) file. (CVE-2011-3401)
If a remote attacker can trick a user into opening a malicious DVR-MS file using the affected install, this vulnerability could be leveraged to execute arbitrary code subject to the user's privileges.
SolutionMicrosoft has released a set of patches for Windows XP, Vista, and 7.