Published: 09/12/2015 Updated: 15/05/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote malicious users to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows 8 -
microsoft windows 7 -
microsoft windows 8.1 -
microsoft windows vista -

1 Advisory Information Title: Microsoft Windows Media Center link file incorrectly resolved reference Advisory ID: CORE-2015-0014 Advisory URL: wwwcoresecuritycom/advisories/microsoft-windows-media-center-link-file-incorrectly-resolved-reference Date published: 2015-12-08 Date of last update: 2015-12-04 Vendors contacted: Microsoft Relea ...

Core Security Technologies Advisory - The 'application' tag in Microsoft Windows Media Center link files (mcl extension) can include a 'run' parameter, which indicates the path of a file to be launched when opening the MCL file, or a 'url' parameter, which indicates the URL of a web page to be loaded within the Media Center's embedded web browser ...

CWE-200 http://www.securityfocus.com/bid/78516 http://www.securitytracker.com/id/1034335 https://www.exploit-db.com/exploits/38912/https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-134 https://nvd.nist.gov https://www.exploit-db.com/exploits/38912/

CVE-2015-6127

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect