CVE-2016-0101

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."

Published: Mar 9, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-0101
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2012	r2	r2.x
microsoft / windows_server_2008	r2	r2.x
microsoft / windows_10	1511	1511.x
microsoft / windows_7	--sp1	--sp1.x

http://www.securityfocus.com/bid/84111
http://www.securitytracker.com/id/1035200
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-027

Vulnerability Database

289,599

CVE-2016-0101