Advisory Details

May 10th, 2016

Microsoft Windows Media Center .MCL File Remote Code Execution Vulnerability

ZDI-16-277
ZDI-CAN-3568

CVE ID CVE-2016-0185
CVSS SCORE 6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)
AFFECTED VENDORS Microsoft
AFFECTED PRODUCTS Windows Media Center
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 24366. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

An attacker can craft a malicious file with a .MCL extension. Contained within the .MCL file is a URL that points to a second crafted file of type .LNK or .URL. If the victim opens the .MCL file, the attacker can execute arbitrary code on the victim's machine under the context of the user.

ADDITIONAL DETAILS Microsoft has issued an update to correct this vulnerability. More details can be found at:
https://technet.microsoft.com/en-us/library/security/ms16-059.aspx
DISCLOSURE TIMELINE
  • 2016-02-08 - Vulnerability reported to vendor
  • 2016-05-10 - Coordinated public release of advisory
CREDIT Eduardo Braun Prado
BACK TO ADVISORIES