Vulnerability CVE-2011-0042 - CERT Civis.Net

Vulnerability Name:

CVE-2011-0042 (CCN-64921)

Assigned:

2010-12-10

Published:

2011-03-08

Updated:

2018-10-30

Summary:

SBE.dll in the Stream Buffer Engine in Windows Media Player and Windows Media Center in Microsoft Windows XP SP2 and SP3, Windows XP Media Center Edition 2005 SP3, Windows Vista SP1 and SP2, Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista does not properly parse Digital Video Recording (.dvr-ms) files, which allows remote attackers to execute arbitrary code via a crafted file, aka "DVR-MS Vulnerability."

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2011-0042

Source: OSVDB
Type: UNKNOWN
71016

Source: CCN
Type: SA43626
Microsoft Windows DirectShow/Windows Media Two Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
43626

Source: CCN
Type: IBM Security Protection Alert
Microsoft Windows Media Could Allow Remote Code Execution

Source: CCN
Type: Microsoft Security Bulletin MS11-015
Vulnerabilities in Windows Media Could Allow Remote Code Execution (2510030)

Source: CCN
Type: OSVDB ID: 71016
Microsoft Windows Media Player / Center .dvr-ms File Handling Arbitrary Code Execution

Source: BID
Type: UNKNOWN
46680

Source: CCN
Type: BID-46680
Microsoft Windows Media Player/Windows Media Center '.dvr-ms' File Code Execution Vulnerability

Source: SECTRACK
Type: UNKNOWN
1025169

Source: CERT
Type: US Government Resource
TA11-067A

Source: VUPEN
Type: UNKNOWN
ADV-2011-0615

Source: MS
Type: UNKNOWN
MS11-015

Source: XF
Type: UNKNOWN
ms-media-dvrms-code-execution(64921)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:12281

Vulnerable Configuration:

Configuration 1:

cpe:/o:microsoft:windows_xp:2005:sp3:media_center:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x64:*

OR cpe:/o:microsoft:windows_7:-:sp1:*:*:ultimate_n:*:x86:*

OR cpe:/o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Configuration 2:

cpe:/a:microsoft:windows_media_center_tv_pack:*:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_vista:*:*:x32:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:*:*:x64:*:*:*:*:*

Configuration CCN 1:

cpe:/o:microsoft:windows_xp::sp2:x64:*:professional:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp1:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows:xp:sp3:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:x64:*:*:*:*:*

OR cpe:/o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_7:-:-:*:*:ultimate_n:*:x64:*

OR cpe:/o:microsoft:windows_7:-:*:*:*:*:*:x32:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:12281	V	DVR-MS Vulnerability	2014-03-03