CVE-2016-0185
CVE-2016-0185
Vexday Risk Score
83Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Proof of concept
Public proof of concept exists, but not yet automated.
CVSS 7.8EPSS 69.9%KEV simPoC públicaNuclei —Metasploit —Patch referenciado
Lifecycle
11 May 2016Published on NVD
12 May 2016Public PoC
03 Nov 2021Active exploitation (CISA KEV)
Weaponization speed
1 daysto first PoC
2002 daysto active exploitation (KEV)
Weaponized quickly — attackers prioritized this vulnerability. Patch urgently.
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short
Windows Media Center can be tricked into running malicious code when you open a specially crafted link file (.mcl). An attacker can exploit this to take control of your computer remotely.
Technical detail
A remote code execution vulnerability exists in Windows Media Center (Vista SP2, 7 SP1, 8.1) where processing a maliciously crafted .mcl file allows arbitrary code execution with user privileges. Attack vector is via user interaction with a malicious Media Center link file; requires the victim to open the crafted file.
Summary generated and translated by AI from the official description.
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/39805/unverifiedexploitdbwww.exploit-db.com/exploits/39805unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-059https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-0185https://www.exploit-db.com/exploits/39805/http://www.securityfocus.com/bid/90023http://www.securitytracker.com/id/1035832http://www.zerodayinitiative.com/advisories/ZDI-16-277