Lucene search
GarminZDI-21-579HistoryMay 13, 2021 - 12:00 a.m.
Microsoft Windows Groove Music FLAC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-05-1300:00:00
garmin
www.zerodayinitiative.com
38
microsoft
windows
groove music
flac
out-of-bounds write
remote code execution
user interaction
validation
allocated buffer
low integrity
EPSS
0.022
Percentile
89.7%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLAC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current user at low integrity.
Related
nessus
nessus
Microsoft Windows Web Media Extensions Library RCE (May 2021)
2021-05-11 00:00:00
prion
prion
Remote code execution
2021-05-11 19:15:00
mscve
mscve
Web Media Extensions Remote Code Execution Vulnerability
2021-05-11 07:00:00
cvelist
cvelist
CVE-2021-28465 Web Media Extensions Remote Code Execution Vulnerability
2021-05-11 19:11:15
cve
cve
CVE-2021-28465
2021-05-11 19:15:09
nvd
nvd
CVE-2021-28465
2021-05-11 19:15:09
zdi
zdi
kaspersky
kaspersky
KLA12174 Multiple vulnerabilities in Microsoft Windows
2021-05-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2021
2021-05-11 23:44:00
qualysblog
qualysblog