Unrated severityNVD Advisory· Published Dec 14, 2011· Updated Apr 29, 2026

CVE-2011-3401

Description

ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Corruption Vulnerability."

Affected products

Microsoft/Windows 73 versions
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
Microsoft/Windows Vista
cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*
Microsoft/Windows Xp3 versions
cpe:2.3:o:microsoft:windows_xp:2005:sp3:media_center:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_xp:2005:sp3:media_center:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.031
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000