Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-0005
HistoryFeb 14, 2006 - 7:06 p.m.

CVE-2006-0005

2006-02-1419:06:00
CWE-119
[email protected]
web.nvd.nist.gov
4

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.947

Percentile

99.3%

JSON

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Affected configurations

Nvd
Node
microsoftwindows-ntMatchdatacenter_server
OR
microsoftwindows-ntMatchdatacenter_serversp1
OR
microsoftwindows-ntMatchdatacenter_serversp2
OR
microsoftwindows-ntMatchdatacenter_serversp3
OR
microsoftwindows-ntMatchdatacenter_serversp4
OR
microsoftwindows-ntMatchxpsp2home
OR
microsoftwindows-ntMatchxp_tablet_pc
OR
microsoftwindows-ntMatchxp_tablet_pcsp1
OR
microsoftwindows-ntMatchxp_tablet_pcsp2
OR
microsoftwindows_2000sp1pro
OR
microsoftwindows_2000sp2pro
OR
microsoftwindows_2000sp3pro
OR
microsoftwindows_2000sp4
OR
microsoftwindows_2000sp4pro
OR
microsoftwindows_2000Match-
OR
microsoftwindows_2000_advanced_server
OR
microsoftwindows_2000_advanced_serverMatchsp1
OR
microsoftwindows_2000_advanced_serverMatchsp2
OR
microsoftwindows_2000_advanced_serverMatchsp3
OR
microsoftwindows_2000_advanced_serverMatchsp4
OR
microsoftwindows_2003_serverMatchdatacenter_edition
OR
microsoftwindows_2003_serverMatchdatacenter_edition_64-bit
OR
microsoftwindows_2003_serverMatchenterprise_edition
OR
microsoftwindows_2003_serverMatchenterprise_edition_64-bit
OR
microsoftwindows_2003_serverMatchstandard
OR
microsoftwindows_2003_serverMatchstandard_64-bit
OR
microsoftwindows_2003_serverMatchweb_edition
OR
microsoftwindows_server_2000Matchnone
OR
microsoftwindows_server_2000Matchsp1
OR
microsoftwindows_server_2000Matchsp2
OR
microsoftwindows_server_2000Matchsp3
OR
microsoftwindows_server_2003Matchdatacenter_sp1
OR
microsoftwindows_server_2003Matchenterprise_sp1
OR
microsoftwindows_server_2003Matchstandard_sp1
OR
microsoftwindows_server_2003Matchweb_edition_sp1
OR
microsoftwindows_xphome
OR
microsoftwindows_xpmedia_center
OR
microsoftwindows_xppro
OR
microsoftwindows_xpx64
OR
microsoftwindows_xpsp1home
OR
microsoftwindows_xpsp1media_center
OR
microsoftwindows_xpsp1pro
OR
microsoftwindows_xpsp2media_center
OR
microsoftwindows_xpsp2pro
OR
microsoftwindows_xpMatch-

Related

cert 1
saint 4
cve 1
checkpoint_advisories 1
cvelist 1
prion 1
nessus 1
securityvulns 3
exploitdb 1
cert
cert
Microsoft Windows Media Player plug-in buffer overflow
2006-02-14 00:00:00
saint
saint
Windows Media Player plugin EMBED buffer overflow
2006-02-16 00:00:00
Windows Media Player plugin EMBED buffer overflow
2006-02-16 00:00:00
Windows Media Player plugin EMBED buffer overflow
2006-02-16 00:00:00
cve
cve
CVE-2006-0005
2006-02-14 19:06:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Media Player Plug-in Buffer Overflow (CVE-2006-0005)
2010-03-22 00:00:00
cvelist
cvelist
CVE-2006-0005
2006-02-14 19:00:00
prion
prion
Buffer overflow
2006-02-14 19:06:00
nessus
nessus
MS06-006: Vulnerability in Windows Media Player Plug-in Could Allow Remote Code Execution (911564)
2006-02-14 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-006 Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
2006-02-15 00:00:00
iDefense Security Advisory 02.14.06: Microsoft Windows Media Player Plugin Buffer Overflow Vulnerability
2006-02-15 00:00:00
US-CERT Technical Cyber Security Alert TA06-045A -- Microsoft Windows, Windows Media Player, and Internet Explorer Vulnerabilities
2006-02-15 00:00:00
exploitdb
exploitdb
Microsoft Windows Media Player 9 - Plugin Overflow (MS06-006) (Metasploit)
2006-02-17 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.947

Percentile

99.3%

JSON
Related for NVD:CVE-2006-0005
cert1saint4cve1checkpoint_advisories1cvelist1prion1nessus1securityvulns3exploitdb1