Vulnerabilities > CVE-2011-2009 - Unspecified vulnerability in Microsoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN microsoft
nessus
Summary
Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability."
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 6 | |
Application | 1 |
Msbulletin
bulletin_id | MS11-076 |
bulletin_url | |
date | 2011-10-11T00:00:00 |
impact | Remote Code Execution |
knowledgebase_id | 2604926 |
knowledgebase_url | |
severity | Important |
title | Vulnerability in Windows Media Center Could Allow Remote Code Execution |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS11-076.NASL |
description | The remote Windows host contains a version of Windows Media Center that fails to properly restrict the path used for loading external libraries. If an attacker can trick a user into opening a file that resides in the same directory as a specially crafted DLL file, he can leverage this issue to execute arbitrary code in that DLL file subject to the user |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 56450 |
published | 2011-10-11 |
reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/56450 |
title | MS11-076: Vulnerability in Windows Media Center Could Allow Remote Code Execution (2604926) |
Oval
accepted | 2011-11-28T04:00:17.791-05:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Untrusted search path vulnerability in Windows Media Center in Microsoft Windows Vista SP2 and Windows 7 Gold and SP1, and Windows Media Center TV Pack for Windows Vista, allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Media Center Insecure Library Loading Vulnerability." | ||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12934 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2011-10-11T13:00:00 | ||||||||||||||||||||||||
title | Media Center Insecure Library Loading Vulnerability | ||||||||||||||||||||||||
version | 71 |