Windows DVD Maker Cross-Site Request Forgery Vulnerability for Windows Vista for x64-based Systems (KB3205715)
Risk Information
Base Score
5.6
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
3.64%
CVE Information
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
22112
Patch Description
Security Update for Windows Vista for x64-based Systems (KB3205715)
References
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt
http://www.securityfocus.com/bid/96103
http://www.securitytracker.com/id/1038015
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0045
https://www.exploit-db.com/exploits/41619/