CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
87.7%
Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_media_player | - | cpe:2.3:a:microsoft:windows_media_player:-:*:*:*:*:*:*:* |
microsoft | windows_media_player | 6.3 | cpe:2.3:a:microsoft:windows_media_player:6.3:*:*:*:*:*:*:* |
microsoft | windows_media_player | 6.4 | cpe:2.3:a:microsoft:windows_media_player:6.4:*:*:*:*:*:*:* |
microsoft | windows_media_player | 7 | cpe:2.3:a:microsoft:windows_media_player:7:*:*:*:*:*:*:* |
microsoft | windows_media_player | 7.1 | cpe:2.3:a:microsoft:windows_media_player:7.1:*:*:*:*:*:*:* |