| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS17-020 | Security Update for Windows DVD Maker (3208223) | Windows Vista | Important | 15-03-2017 |
Technical Information
Brief overview of the risk:
This security update resolves an information disclosure vulnerability in Windows DVD Maker. The vulnerability could allow an attacker to obtain information to further compromise a target system.
Detailed Information on the risk:
An information disclosure vulnerability exists in Windows when Windows DVD Maker fails to properly parse a specially crafted .msdvd file. An attacker who successfully exploited the vulnerability could obtain information to further compromise a target system.
To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.
Windows Vista Service Pack 2 To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.
Further information on this exploit is available at : MS17-020
Windows Vista x64 Edition Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Affected Software
Windows Vista Service Pack 2Windows Vista x64 Edition Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1