9 matches found
CVE-2006-0025
CVE-2006-0025 is a stack-based buffer overflow in Windows Media Player 9/10 triggered by processing crafted PNG chunks, enabling remote code execution. Affected component: Windows Media Player (version 9 and 10 explicitly cited; other sources describe PNG chunk handling). Root cause: improper par...
CVE-2015-1728
CVE-2015-1728 affects Microsoft Windows Media Player 10–12. The root cause is improper handling of specially crafted DataObjects, enabling a remote attacker to execute arbitrary code when a user opens a crafted DataObject on a web page. The vulnerability is remote-code-execution with high impact,...
CVE-2007-3037
CVE-2007-3037 is a Windows Media Player skin parsing code execution vulnerability. It stems from header handling in skin files (WMZ/WMD), causing a size mismatch between compressed and decompressed data and resulting in a heap-based buffer overflow. Affects Windows Media Player versions 7.1, 9, 1...
CVE-2006-0006
CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...
CVE-2010-2745
CVE-2010-2745 is a Windows Media Player memory corruption vulnerability affecting WMP 9–12. It arises when Windows Media Player fails to deallocate objects during a browser reload, allowing a remote attacker to execute arbitrary code by convincing a user to visit a crafted web page. Exploitation ...
CVE-2008-5745
Microsoft Windows Media Player (WMP) 9–11 suffers an integer overflow in quartz.dll (DirectShow) that can be triggered by crafted WAV, SND, or MID files, causing an application crash (DoS). This aligns with CVE-2008-5745; related entries exist for CVE-2008-4927. Technical details about impact vec...
CVE-2007-3035
CVE-2007-3035 is a remote code execution vulnerability in Windows Media Player skin handling. A boundary error when decompressing skin header data in WMZ/WMD skins could allow an attacker to execute arbitrary code on affected systems, with the attacker gaining the same privileges as the logged-in...
CVE-2005-1574
CVE-2005-1574 affects Windows Media Player versions 9 and 10, where WMDRM-protected content could redirect users to a licensing Web site even if the auto-license setting is disabled. The connected sources describe the impact as a license-redirect vulnerability within WMDRM, but do not provide dee...
CVE-2008-4927
CVE-2008-4927 affects Microsoft Windows Media Player (WMP) 9.0 through 11. The vulnerability is a denial-of-service condition caused by parsing errors in MIDI or DAT files, specifically related to the MThd Header Parsing . It allows a user-assisted attacker to crash the application. The available...