Remote Code Execution Vulnerability in Microsoft Windows Media Center
CVE-2015-6131

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 8.1; Windows 7; Windows Vista; Windows 8
Vendor: CVE Published:; 9 December 2015

Summary

A vulnerability in Microsoft Windows Media Center allows remote attackers to execute arbitrary code on vulnerable systems. By crafting a malicious .mcl file and enticing a user to open it, an attacker can gain unauthorized access and execute harmful commands. This impacts multiple versions of Microsoft Windows, including Vista, 7, 8, and 8.1.

References

http://www.securitytracker.com/id/1034335

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://www.exploit-db.com/exploits/38911/

exploitx_refsource_EXPLOIT-DB

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 9, 2015
Vulnerability Reserved
Aug 14, 2015