| ID |
CVE-2015-1728
|
| Summary |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability." |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3646:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3646:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3990:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3990:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4019:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4036:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4036:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5145:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5145:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5230:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5230:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.6000.6324:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.6000.6324:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:12:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:12:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 9.3 (as of 12-10-2018 - 22:08) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-17 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| msbulletin
via4
|
| bulletin_id | MS15-057 | | bulletin_url | | | date | 2015-06-09T00:00:00 | | impact | Remote Code Execution | | knowledgebase_id | 3033890 | | knowledgebase_url | | | severity | Critical | | title | Vulnerability in Windows Media Player Could Allow Remote Code Execution |
|
| refmap
via4
|
| idefense | 20150701 Microsoft Windows Media Player DataObject Switch Memory Corruption Vulnerability | | sectrack | 1032522 |
|
| Last major update |
12-10-2018 - 22:08 |
| Published |
10-06-2015 - 01:59 |
| Last modified |
12-10-2018 - 22:08 |
