9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.963 High
EPSS
Percentile
99.4%
Added: 02/16/2006
CVE: CVE-2006-0005
BID: 16644
OSVDB: 23132
The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers.
A buffer overflow in the Windows Media Player plug-in allows remote command execution when a long EMBED tag is processed by a non-Microsoft Internet browser.
Install the patch referenced in Microsoft Security Bulletin 06-006.
<http://www.microsoft.com/technet/security/Bulletin/MS06-006.mspx>
Exploit works on Mozilla Firefox 1.5.0.1 on Windows.
Windows