Main Vulnerability Database Exploits ID:1065 - Exploit for XML injection in Windows - CVE-2017-0045

ID:1065 - Exploit for XML injection in Windows - CVE-2017-0045

Published: March 18, 2020

Vulnerability identifier: #VU5956

Vulnerability risk: Low

CVE-ID: CVE-2017-0045

CWE-ID: CWE-611

Exploitation vector: Remote access

Vulnerable software:
Windows

Link to public exploit:

https://www.exploit-db.com/exploits/41619/

Vulnerability description

The disclosed vulnerability allows a remote attacker to gain access to potentially sensitive data.

The vulnerability exists due to a flaw in Windows DVD Maker when parsing a malicious .msdvd file. A remote attacker can create a specially crafted .msdvd file, trick the victim into opening it and read arbitrary file on the victim's computer.

Successful exploitation of this vulnerability may allow an attacker to read arbitrary file on victim's computer.

Remediation

Install update from vendor's website.

ID:1065 - Exploit for XML injection in Windows - CVE-2017-0045

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human