Lucene search

K
saintSAINT CorporationSAINT:1690948909D4A644619AB3BCC68614E6
HistoryFeb 16, 2006 - 12:00 a.m.

Windows Media Player plugin EMBED buffer overflow

2006-02-1600:00:00
SAINT Corporation
www.saintcorporation.com
17

EPSS

0.947

Percentile

99.3%

Added: 02/16/2006
CVE: CVE-2006-0005
BID: 16644
OSVDB: 23132

Background

The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers.

Problem

A buffer overflow in the Windows Media Player plug-in allows remote command execution when a long EMBED tag is processed by a non-Microsoft Internet browser.

Resolution

Install the patch referenced in Microsoft Security Bulletin 06-006.

References

<http://www.microsoft.com/technet/security/Bulletin/MS06-006.mspx&gt;

Limitations

Exploit works on Mozilla Firefox 1.5.0.1 on Windows.

Platforms

Windows

EPSS

0.947

Percentile

99.3%