Microsoft Windows Media Player DVR-MS File Code Execution

Added: 03/14/2011
CVE: CVE-2011-0042
BID: 46680
OSVDB: 71016

Background

Windows Media Player is an audio and video media player for Windows platforms.

Problem

A file parsing error in Windows Media Player allows command execution when a user opens a specially crafted Digital Video Recording (DVR-MS) image file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 11-015.

References

http://secunia.com/advisories/43626/

Limitations

This exploit works on Microsoft Windows Media Player 11.0.6002.18005.

The user must open the HTML page on the target using Internet Explorer 7.

The executable smbclient must be available on the exploit server.

A valid SMB user with permission to write to the specified SMB share is required. The smb password is not allowed to contain single quotes (').

Platforms

Windows

Back to exploit index