Vulnerability Details CVE-2014-4060
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.16
EPSS Ranking 94.4%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/60671
- http://www.securityfocus.com/bid/69093
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-043
- http://secunia.com/advisories/60671
- http://www.securityfocus.com/bid/69093
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-043
Products affected by CVE-2014-4060
-
cpe:2.3:a:microsoft:windows_media_center:-
-
cpe:2.3:a:microsoft:windows_media_center_tv_pack:-
-
cpe:2.3:o:microsoft:windows_7:-
-
cpe:2.3:o:microsoft:windows_8.1:-
-
cpe:2.3:o:microsoft:windows_8:-
-
cpe:2.3:o:microsoft:windows_vista:-