QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2011-0032

Back to search

CVE-2011-0032

Published: Mar 9, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Untrusted search path vulnerability in DirectShow in Microsoft Windows Vista SP1 and SP2, Windows 7 Gold and SP1, Windows Server 2008 R2 and R2 SP1, and Windows Media Center TV Pack for Windows Vista allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Digital Video Recording (.dvr-ms), Windows Recorded TV Show (.wtv), or .mpg file, aka "DirectShow Insecure Library Loading Vulnerability."

VendorProductVersions

n/a

n/a

affected
n/a

References

1025170
vdb-entry
x_refsource_SECTRACK
ADV-2011-0615
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:12506
vdb-entry
signature
x_refsource_OVAL
TA11-067A
third-party-advisory
x_refsource_CERT
43626
third-party-advisory
x_refsource_SECUNIA
46682
vdb-entry
x_refsource_BID
MS11-015
vendor-advisory
x_refsource_MS
71015
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now