11 matches found
CVE-2000-1113
The connected CERT document confirms a buffer overflow in Windows Media Player’s Active Stream Redirector (.ASX) file parser, affecting Windows Media Player versions 6.4 and 7, which could allow remote code execution when a user views a malicious page. The root cause is improper handling of ASX d...
CVE-2001-0243
CVE-2001-0243 affects Windows Media Player 6.4/7: Internet shortcuts created in the user’s Temporary Files folder with a fixed name cause HTML to render in the Local Computer Zone rather than Internet Zone, enabling a remote attacker to read local files or execute commands when a user views a mal...
CVE-2002-1847
CVE-2002-1847 concerns a buffer overflow in mplay32.exe of Microsoft Windows Media Player (versions 6.3–7.1). The vulnerability is triggered by a long mp3 filename command line argument, potentially allowing a remote attacker to execute arbitrary commands. The initial description notes that the o...
CVE-2000-0929
CVE-2000-0929 concerns Microsoft Windows Media Player 7. The vulnerability arises from an embedded OCX control used in RTf-enabled email clients that is not closed properly, allowing denial of service. Affected product is Windows Media Player 7 (RTF-enabled email contexts mentioned). Root cause: ...
CVE-2001-0137
CVE-2001-0137 affects Windows Media Player 7. The vulnerability lets remote attackers cause the execution of malicious Java applets in Internet Explorer by embedding the applet in a skin.wmz skin file and referencing it via the skin in the codebase parameter of an applet tag (Windows Media Player...
CVE-2003-0604
The CVE-2003-0604 entry concerns Windows Media Player 7 and 8 running within Internet Explorer (and other HTML-processing Microsoft products) that process an HTML iframe. The vulnerability arises when an IFRAME tag pointing to an ASF file with a Content-location containing a File:// URL bypasses ...
CVE-2001-0541
CVE-2001-0541 is a buffer overflow vulnerability in Microsoft Windows Media Player 7.1 and earlier triggered by a malformed Windows Media Station (.NSC) file, allowing remote command execution. The connected records corroborate the affected software (Windows Media Player 7.x), the attack vector (...
CVE-2001-0148
CVE-2001-0148 affects the WMP ActiveX Control in Windows Media Player 7, enabling remote command execution in Internet Explorer via javascript URLs (Frame Domain Verification variant). The vulnerability is triggered through the WMP ActiveX component, allowing a remote attacker to execute commands...
CVE-2003-1107
Technical details about CVE-2003-1107 are not publicly provided in the supplied documents. Monitor for updates from official advisories or vendor advisories.
CVE-2000-1112
Technical details about CVE-2000-1112 are not publicly available in the provided connected documents. The record describes Windows Media Player 7 skin-script execution, but no specifics on affected versions, root cause, exploit method, or fixes are included. Monitor for updates.
CVE-2001-0242
CVE-2001-0242 describes a buffer overflow in the Active Stream Redirector (.ASX) parsing of Windows Media Player (notably versions 6.4 and 7). The CERT/VU content attributes the issue to the .ASX file handler, which can be triggered by viewing a malicious web page, potentially allowing remote cod...