CVSS Severity (version 2.0):
CVSS v2 Base Score:
Impact Subscore: 10.0
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable - Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service
'For an attack to be successful, a user must visit an untrusted remote file system location or WebDAV share and open a media file (such as .wtv, .drv-ms, or .mpg files).'
FAQ: 'This is a remote code execution vulnerability. '