MS13-057 Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution
2013-07-09
Vulnerabilities addressed in this bulletin:
Bulletin details at Microsoft.com
Vulnerabilities addressed in this bulletin:
- WMV Video Decoder Remote Code Execution Vulnerability
- A remote code execution vulnerability exists in the way Windows Media Format Runtime handles certain media files. This vulnerability could allow an attacker to execute arbitrary code if the attacker convinces a user to open a specially crafted media file. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
CVE-2013-3127
Bulletin details at Microsoft.com
Related CVE Entries
The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
83.79%
Published
2013-07-10
Updated
2018-10-12