9.3

CVE-2011-0032

Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg file, aka "DirectShow Insecure Library Loading Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWindows 7 Version-
MicrosoftWindows 7 Version- Updatesp1 Editionx64
MicrosoftWindows 7 Version- Updatesp1 Editionx86
MicrosoftWindows Server 2008 Versionr2 Editionx64
MicrosoftWindows Vista Updatesp1
MicrosoftWindows Vista Updatesp2
MicrosoftWindows Vista Editionx32
MicrosoftWindows Vista Editionx64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.39% 0.951
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.us-cert.gov/cas/techalerts/TA11-067A.html
US Government Resource
http://osvdb.org/71015
http://secunia.com/advisories/43626
http://www.securityfocus.com/bid/46682
http://www.securitytracker.com/id?1025170
http://www.vupen.com/english/advisories/2011/0615
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-015
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12506