Microsoft Windows Media Remote Code Execution Vulnerability (2648048) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS11-092.

Impact

Successful exploitation could allow attackers to execute arbitrary code with the privileges of the user running the application. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://technet.microsoft.com/en-us/security/bulletin/ms11-092

Insight

The flaw is due to an error in Windows Media Player and Windows Media Center when parsing Microsoft Digital Video Recording files (DVR-MS) and can be exploited to corrupt memory.

Affected

Micorsoft Windows 7 Service Pack 1 and prior Microsoft Windows XP Service Pack 3 and prior Microsoft Windows Vista Service Pack 2 and prior

References

http://secunia.com/advisories/47117
http://support.microsoft.com/kb/2619339
http://technet.microsoft.com/en-us/security/bulletin/ms11-092
http://www.securitytracker.com/id/1026407

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3401

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Distributed File System Remote Code Execution Vulnerabilities (2535512)
Microsoft Excel Remote Code Execution Vulnerability (956416)
Buffer Overrun in the ListBox and in the ComboBox (824141)
Microsoft DirectShow Remote Code Execution Vulnerability (961373)
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)

Take action and discover your vulnerabilities