| CVE ID | CVE-2016-0185 |
| CVSS SCORE | 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P |
| AFFECTED VENDORS |
Microsoft |
| AFFECTED PRODUCTS |
Windows Media Center |
| VULNERABILITY DETAILS |
An attacker can craft a malicious file with a .MCL extension. Contained within the .MCL file is a URL that points to a second crafted file of type .LNK or .URL. If the victim opens the .MCL file, the attacker can execute arbitrary code on the victim's machine under the context of the user. |
| ADDITIONAL DETAILS |
Microsoft has issued an update to correct this vulnerability. More details can be found at:
https://technet.microsoft.com/en-us/library/security/ms16-059.aspx |
| DISCLOSURE TIMELINE |
|
| CREDIT | Eduardo Braun Prado |
