4 matches found
CVE-2017-11768
CVE-2017-11768 is an information-disclosure vulnerability in Windows Media Player (affecting multiple Windows versions) that allows a crafted application to test for the presence of files on disk by abusing how WMP discloses file information. OpenVAS entries and the PacketStorm page corroborate t...
CVE-2003-0228
CVE-2003-0228 describes a directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP. An attacker can cause arbitrary code execution by delivering a skins file whose URL contains hex-encoded backslashes (%5C), leading to placement of an executa...
CVE-2002-1847
CVE-2002-1847 concerns a buffer overflow in mplay32.exe of Microsoft Windows Media Player (versions 6.3–7.1). The vulnerability is triggered by a long mp3 filename command line argument, potentially allowing a remote attacker to execute arbitrary commands. The initial description notes that the o...
CVE-2002-0372
CVE-2002-0372 affects Windows Media Player 6.4, 7.1 and Media Player for Windows XP. A remote attacker could bypass Internet Explorer security and execute code by delivering a specially crafted .wma file with a license installation stored in the IE cache (Cache Path Disclosure via Windows Media P...