CVE-2014-4060
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.2767 (27.7%)
Percentil: 96.5%
EPSS: 2026-05-06
Afecta
microsoft:windows_media_centermicrosoft:windows_8microsoft:windows_8.1microsoft:windows_media_center_tv_packmicrosoft:windows_7microsoft:windows_vistaDescripción técnica
Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."
Publicada: 12/8/2014, 21:55:07
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://secunia.com/advisories/60671
- http://www.securityfocus.com/bid/69093
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-043
- http://secunia.com/advisories/60671
- http://www.securityfocus.com/bid/69093
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-043