CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-0032

Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg file, aka "DirectShow Insecure Library Loading Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.434

EPSS Ranking 97.3%

CVSS Severity

CVSS v2 Score 9.3

References

Products affected by CVE-2011-0032

Microsoft » Windows Media Center Tv Pack » Version: Any

cpe:2.3:a:microsoft:windows_media_center_tv_pack:*
Microsoft » Windows 7 » Version: N/A

cpe:2.3:o:microsoft:windows_7:-
Microsoft » Windows Server 2008 » Version: r2

cpe:2.3:o:microsoft:windows_server_2008:r2
Microsoft » Windows Vista » Version: Any

cpe:2.3:o:microsoft:windows_vista:*
Microsoft » Windows Vista » Version: N/A

cpe:2.3:o:microsoft:windows_vista:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-0032

Products

Pricing

Contact Us