Executive Summary

Title: Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)
Name: MS13-057
First vendor Publication: 2013-07-09
Vendor: Microsoft
Last vendor Modification: 2013-08-27
Severity (Vendor): Critical
Revision: 3.0

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score: 9.3
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Medium
Cvss Exploit Score: 8.6
Authentication: None Required


Revision Note: V3.0 (August 27, 2013): Bulletin revised to rerelease security update 2803821 for Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008; security update 2834902 for Windows XP and Windows Server 2003; security update 2834903 for Windows XP; security update 2834904 for Windows XP and Windows Server 2003; and security update 2834905 for Windows XP. Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 customers should install the rereleased updates. See the Update FAQ for more information.

Summary: This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://technet.microsoft.com/en-us/security/bulletin/ms13-057

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16998
Oval ID: oval:org.mitre.oval:def:16998
Title: WMV Video Decoder remote code execution vulnerability - MS13-057
Description: The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability."
Family: windows
Class: vulnerability
Reference(s): CVE-2013-3127
Version: 15
Platform(s): Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8
Product(s): Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Format Runtime 11
Windows Media Player 12
Definition Synopsis:


Information Assurance Vulnerability Management (IAVM)

Date Description
2013-07-11 IAVM : 2013-B-0072 - Microsoft Windows Media Format Runtime Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0039212

Nessus® Vulnerability Scanner

Date Description
2013-07-10 Name : The remote Windows host is potentially affected by a remote code execution vu...
File : smb_nt_ms13-057.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:47:43
  • Multiple Updates
2013-11-11 12:41:34
  • Multiple Updates
2013-08-27 21:15:58
  • Multiple Updates
2013-08-13 21:20:24
  • Multiple Updates
2013-07-10 21:22:28
  • Multiple Updates
2013-07-10 13:22:55
  • Multiple Updates
2013-07-09 21:16:30
  • First insertion