CVE-2014-4060

medium

Microsoft

CVSS v3 Base Score

6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS Score

27.7%

Exploitation probability in 30 days

Top 4% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

Availability

Published: August 12, 2014 (4293 days ago)

Last Modified: May 6, 2026

Vendor: Microsoft

Source: NVD

Description

Use-after-free vulnerability in MCPlayer.dll in Microsoft Windows Media Center TV Pack for Windows Vista, Windows 7 SP1, and Windows Media Center for Windows 8 and 8.1 allows remote attackers to execute arbitrary code via a crafted Office document that triggers deletion of a CSyncBasePlayer object, aka "CSyncBasePlayer Use After Free Vulnerability."

CWE

CWE-416

Affected Products

microsoft windows media centermicrosoft windows media center tv pack

References

🔗 secunia.com 🔗 www.securityfocus.com 🔗 docs.microsoft.com 🔗 secunia.com 🔗 www.securityfocus.com

CVE-2014-4060

Vulnerability Report

Description

CWE

Affected Products

References