ID |
CVE-2015-1728
|
Summary |
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability." |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3646:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3646:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3990:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.3990:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4019:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4036:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:10.00.00.4036:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5145:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5145:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5230:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.5721.5230:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:11.0.6000.6324:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:11.0.6000.6324:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:windows_media_player:12:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_media_player:12:*:*:*:*:*:*:*
|
CVSS |
Base: | 9.3 (as of 12-10-2018 - 22:08) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-17 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
msbulletin
via4
|
bulletin_id | MS15-057 | bulletin_url | | date | 2015-06-09T00:00:00 | impact | Remote Code Execution | knowledgebase_id | 3033890 | knowledgebase_url | | severity | Critical | title | Vulnerability in Windows Media Player Could Allow Remote Code Execution |
|
refmap
via4
|
idefense | 20150701 Microsoft Windows Media Player DataObject Switch Memory Corruption Vulnerability | sectrack | 1032522 |
|
Last major update |
12-10-2018 - 22:08 |
Published |
10-06-2015 - 01:59 |
Last modified |
12-10-2018 - 22:08 |