Executive Summary

Summary
Title Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926)
Informations
Name MS11-076 First vendor Publication 2011-10-11
Vendor Microsoft Last vendor Modification 2013-07-09
Severity (Vendor) Important Revision 1.1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V1.1 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2579686 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action.

Summary: This security update resolves a publicly disclosed vulnerability in Windows Media Center. The vulnerability could allow remote code execution if an attacker convinces a user to open a legitimate file that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Then, while opening the legitimate file, Windows Media Center could attempt to load the DLL file and execute any code it contained. For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a legitimate file.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms11-076

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12934
 
Oval ID: oval:org.mitre.oval:def:12934
Title: Media Center Insecure Library Loading Vulnerability
Description: Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2011-2009
 Version: 3
Platform(s): Microsoft Windows Vista
Microsoft Windows 7
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 3
Os 1

OpenVAS Exploits

Date Description
2011-10-12 Name : Microsoft Windows Media Center Remote Code Execution Vulnerabilities (2604926)
File : nvt/secpod_ms11-076.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
76205 Microsoft Windows Media Center Path Subversion Arbitrary DLL Injection Code E...

Information Assurance Vulnerability Management (IAVM)

Date Description
2011-10-13 IAVM : 2011-B-0124 - Microsoft Windows Media Center Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0030403

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Windows Media Player and shell extension request for ehtrace.dll ov...
RuleID : 18497 - Revision : 17 - Type : OS-WINDOWS
2014-01-10 Microsoft Windows Media Player and shell extension ehtrace.dll dll-load explo...
RuleID : 18496 - Revision : 15 - Type : OS-WINDOWS

Nessus® Vulnerability Scanner

Date Description
2011-10-11 Name : Arbitrary code can be executed on the remote host through Windows Media Center.
File : smb_nt_ms11-076.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2014-02-17 11:47:07
  • Multiple Updates
2014-01-19 21:30:44
  • Multiple Updates
2013-11-11 12:41:25
  • Multiple Updates
2013-07-09 21:29:49
  • Multiple Updates
2013-07-09 21:16:57
  • Multiple Updates