Lucene search

[email protected]CVE-2001-0137

HistoryMar 12, 2001 - 5:00 a.m.

CVE-2001-0137

2001-03-1205:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

windows media player

remote attack

java applets

skin files

nvd

cve-2001-0137

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.3%

JSON

Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability.

CPENameOperatorVersion
microsoft:windows_media_playermicrosoft windows media playereq7

CPE	Name	Operator	Version
microsoft:windows_media_player	microsoft windows media player	eq	7

References

marc.info/?l=bugtraq&m=97958100816503&w=2

www.securityfocus.com/bid/2203

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-010

exchange.xforce.ibmcloud.com/vulnerabilities/5937

7.8 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.033 Low

EPSS

Percentile

91.3%

JSON

Related for CVE-2001-0137

cvelist1