Lucene search

K
cve[email protected]CVE-2006-0005
HistoryFeb 14, 2006 - 7:06 p.m.

CVE-2006-0005

2006-02-1419:06:00
CWE-119
web.nvd.nist.gov
25
cve-2006-0005
buffer overflow
wmp plug-in
remote code execution
nvd
security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.947

Percentile

99.3%

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Affected configurations

NVD
Node
microsoftwindows-ntMatchdatacenter_server
OR
microsoftwindows-ntMatchdatacenter_serversp1
OR
microsoftwindows-ntMatchdatacenter_serversp2
OR
microsoftwindows-ntMatchdatacenter_serversp3
OR
microsoftwindows-ntMatchdatacenter_serversp4
OR
microsoftwindows-ntMatchxpsp2home
OR
microsoftwindows-ntMatchxp_tablet_pc
OR
microsoftwindows-ntMatchxp_tablet_pcsp1
OR
microsoftwindows-ntMatchxp_tablet_pcsp2
OR
microsoftwindows_2000sp1pro
OR
microsoftwindows_2000sp2pro
OR
microsoftwindows_2000sp3pro
OR
microsoftwindows_2000sp4
OR
microsoftwindows_2000sp4pro
OR
microsoftwindows_2000Match-
OR
microsoftwindows_2000_advanced_server
OR
microsoftwindows_2000_advanced_serverMatchsp1
OR
microsoftwindows_2000_advanced_serverMatchsp2
OR
microsoftwindows_2000_advanced_serverMatchsp3
OR
microsoftwindows_2000_advanced_serverMatchsp4
OR
microsoftwindows_2003_serverMatchdatacenter_edition
OR
microsoftwindows_2003_serverMatchdatacenter_edition_64-bit
OR
microsoftwindows_2003_serverMatchenterprise_edition
OR
microsoftwindows_2003_serverMatchenterprise_edition_64-bit
OR
microsoftwindows_2003_serverMatchstandard
OR
microsoftwindows_2003_serverMatchstandard_64-bit
OR
microsoftwindows_2003_serverMatchweb_edition
OR
microsoftwindows_server_2000Matchnone
OR
microsoftwindows_server_2000Matchsp1
OR
microsoftwindows_server_2000Matchsp2
OR
microsoftwindows_server_2000Matchsp3
OR
microsoftwindows_server_2003Matchdatacenter_sp1
OR
microsoftwindows_server_2003Matchenterprise_sp1
OR
microsoftwindows_server_2003Matchstandard_sp1
OR
microsoftwindows_server_2003Matchweb_edition_sp1
OR
microsoftwindows_xphome
OR
microsoftwindows_xpmedia_center
OR
microsoftwindows_xppro
OR
microsoftwindows_xpx64
OR
microsoftwindows_xpsp1home
OR
microsoftwindows_xpsp1media_center
OR
microsoftwindows_xpsp1pro
OR
microsoftwindows_xpsp2media_center
OR
microsoftwindows_xpsp2pro
OR
microsoftwindows_xpMatch-

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.947

Percentile

99.3%