Lucene search

Kaspersky LabKLA10045

HistoryDec 17, 2012 - 12:00 a.m.

KLA10045 ACE vulnerability in Media Player Classic

2012-12-1700:00:00

Kaspersky Lab

threats.kaspersky.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.166 Low

EPSS

Percentile

96.1%

JSON

Buffer overflow was found at mplayerc.exe in Media Player Classic & Windows Media Player. Malicious can use this vulnerability to execute arbitrary code via specially designed *.mp4 file.

Original advisories

Related products

Media-Player-Classic

CVE list

CVE-2007-6402 critical

Solution

Update to latest version

Media Player Classic

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

Media Player Classic version 6.4.9

References

statistics.securelist.com/

threats.kaspersky.com/en/product/Media-Player-Classic/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

AI Score

Confidence

Low

0.166 Low

EPSS

Percentile

96.1%

JSON

Related for KLA10045