Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2015-2509

Published: 09/09/2015 Updated: 15/05/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Windows 8.1

Vulnerability Summary

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote malicious users to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows 8.1 -

microsoft windows 8 -

microsoft windows 7 -

microsoft windows vista -

Exploits

Exploit DB: Microsoft Windows Media Center - MCL (MS15-100) (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::FILEFORMAT include Msf::Exploit::EXE include Msf::Exploit::Remote::SMB::Server::Share def ...
Exploit DB: Microsoft Windows Media Center - Command Execution (MS15-100)
# Title: MS15-100 Windows Media Center Command Execution # Date : 11/09/2015 # Author: R-73eN # Software: Windows Media Center # Tested : Windows 7 Ultimate # CVE : 2015-2509 banner = "" banner += " ___ __ ____ _ _ \n" banner +=" |_ _|_ __ / _| ___ / ___| ___ _ __ / \ | | \n" banner +=" | || '_ \| |_ ...

Recent Articles

Redmond yells 'CUT' on Hacking Team horror movie exploit
The Register • Darren Pauli • 10 Sep 2015

Media Player attack closed off

Another of exploits against Microsoft Windows that hit as a zero day after Hacking Team was hacked has been fixed. Trend Micro threat bod Kenney Lu says the fix for CVE-2015-2509 was among the 56 of this week's Patch Tuesday bug-splat. Hacking Team's remote code execution exploit works on Windows Vista through to 8 and works if a victim opens a crafted Media Center link file which contains malcode. Lu says the exploit works 'perfectly' on Windows Media Centre. "This vulnerability is related to a...

Read more...

References

CWE-284http://www.securityfocus.com/bid/76594https://www.exploit-db.com/exploits/38195/http://www.securitytracker.com/id/1033499http://www.rapid7.com/db/modules/exploit/windows/fileformat/ms15_100_mcl_exehttps://www.exploit-db.com/exploits/38151/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-100https://nvd.nist.govhttps://www.theregister.co.uk/2015/09/10/redmond_yells_cut_on_hacking_team_horror_movie_exploit/https://www.exploit-db.com/exploits/38195/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook