CVE-2010-1042

2010-03-2300:53:22

[email protected]

web.nvd.nist.gov

cve-2010-1042

microsoft

windows media player 11

colorspace conversion

remote attackers

denial of service

memory corruption

arbitrary code

avi file

nvd

8.1 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.969 High

EPSS

Percentile

99.7%

JSON

Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

microsoftwindows_media_playerMatch11

microsoftwindows_media_playerMatch11.0.5721.5145

microsoftwindows_media_playerMatch11.0.6000.6324

CPENameOperatorVersion
microsoft:windows_media_playermicrosoft windows media playereq11
microsoft:windows_media_playermicrosoft windows media playereq11.0.5721.5145
microsoft:windows_media_playermicrosoft windows media playereq11.0.6000.6324

CPE	Name	Operator	Version
microsoft:windows_media_player	microsoft windows media player	eq	11
microsoft:windows_media_player	microsoft windows media player	eq	11.0.5721.5145
microsoft:windows_media_player	microsoft windows media player	eq	11.0.6000.6324