Windows Media Center 6.1.7600 XXE Injection
Posted by deepcore on December 6, 2016 – 6:45 am
Windows Media Center “ehshell.exe” is vulnerable to an XML External Entity attack allowing remote access to any files on a victim’s computer, if they open an XXE laden “.mcl” file via a remote share / USB or from a malicious “windowsmediacenterweb” web link.
Post a reply
You must be logged in to post a comment.