Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 2010-03-10 |
Product | Windows Movie Maker | Last view | 2013-12-29 |
Version | 6.0 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
4.3 | 2013-12-29 | CVE-2013-4858 | Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) via a crafted .wav file, as demonstrated by movieMaker.wav. |
9.3 | 2010-12-16 | CVE-2010-3967 | Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker (MSWMM) file, aka "Insecure Library Loading Vulnerability." |
9.3 | 2010-08-11 | CVE-2010-2564 | Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." |
9.3 | 2010-03-10 | CVE-2010-0265 | Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
33% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
33% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:8595 | Movie Maker and Producer Buffer Overflow Vulnerability |
oval:org.mitre.oval:def:12011 | Movie Maker Memory Corruption Vulnerability |
oval:org.mitre.oval:def:12250 | Insecure Library Loading Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Microsoft Windows Movie Maker IsValidWMToolsStream buffer overflow | More info here |
Microsoft Windows Movie Maker MediaClipString Buffer Overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
67543 | Microsoft Windows Movie Maker Path Subversion Arbitrary OCX Injection Code Ex... |
66986 | Microsoft Windows Movie Maker Imported Projector File (.MSWMM) String Parsing... |
62811 | Microsoft Windows Movie Maker / Producer IsValidWMToolsStream() Function Proj... |
ExploitDB Exploits
id | Description |
---|---|
14886 | MOAUB #4 - Movie Maker Remote Code Execution (MS10-016) |
OpenVAS Exploits
id | Description |
---|---|
2010-12-15 | Name : Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability... File : nvt/secpod_ms10-093.nasl |
2010-08-11 | Name : Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability... File : nvt/secpod_ms10-050.nasl |
2010-03-10 | Name : Microsoft Windows Movie Maker Could Allow Remote Code Execution Vulnerability... File : nvt/secpod_ms10-016.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2010-B-0114 | Microsoft Windows Movie Maker Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0025863 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-02-27 | Microsoft Windows Movie Maker project file heap buffer overflow attempt RuleID : 45554 - Type : FILE-MULTIMEDIA - Revision : 1 |
2018-02-27 | Microsoft Windows Movie Maker project file heap buffer overflow attempt RuleID : 45553 - Type : FILE-MULTIMEDIA - Revision : 1 |
2016-03-15 | Microsoft Windows Movie Maker project file heap buffer overflow attempt RuleID : 37663 - Type : FILE-MULTIMEDIA - Revision : 1 |
2014-01-10 | Microsoft Windows Movie Maker project file heap buffer overflow attempt RuleID : 19956 - Type : FILE-MULTIMEDIA - Revision : 15 |
2014-01-10 | Microsoft Windows Movie Maker string size overflow attempt RuleID : 19063 - Type : FILE-MULTIMEDIA - Revision : 16 |
2014-01-10 | Microsoft Movie Maker hhctrl.ocx dll-load attempt RuleID : 18211 - Type : OS-WINDOWS - Revision : 9 |
2014-01-10 | Microsoft Movie Maker hhctrl.ocx dll-load attempt RuleID : 18210 - Type : OS-WINDOWS - Revision : 10 |
2014-01-10 | Microsoft Windows Movie Maker string size overflow attempt RuleID : 17135 - Type : FILE-MULTIMEDIA - Revision : 16 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2010-12-15 | Name: The remote Windows host is affected by a remote code execution vulnerability. File: smb_nt_ms10-093.nasl - Type: ACT_GATHER_INFO |
2010-08-11 | Name: Arbitrary code can be executed on the remote host through Windows Movie Maker. File: smb_nt_ms10-050.nasl - Type: ACT_GATHER_INFO |
2010-03-09 | Name: Arbitrary code can be executed on the remote host through Windows Movie Maker. File: smb_nt_ms10-016.nasl - Type: ACT_GATHER_INFO |