Lucene search
+L
MicrosoftWindows Media Player9

20 matches found

CVE
CVE
added 2010/04/14 3:44 p.m.155 views

CVE-2010-0268

CVE-2010-0268 describes a remote code execution vulnerability in the Windows Media Player ActiveX control (Windows Media Player 9 Series) on Windows 2000 SP4 and Windows XP SP2/SP3. The issue arises because the ActiveX control incorrectly handles specially crafted media content hosted on a malici...

9.3CVSS8AI score0.20122EPSS
CVE
CVE
added 2004/08/05 4:0 a.m.136 views

CVE-2004-0597

CVE-2004-0597 describes multiple buffer overflows in libpng 1.2.5 and earlier caused by insufficient bounds checks in png_handle_tRNS, png_handle_sBIT, and png_handle_hIST. This allows remote attackers to execute arbitrary code via crafted PNG images. Connected sources note that some advisories p...

10CVSS7.5AI score0.82537EPSS
CVE
CVE
added 2006/06/13 7:0 p.m.131 views

CVE-2006-0025

CVE-2006-0025 is a stack-based buffer overflow in Windows Media Player 9/10 triggered by processing crafted PNG chunks, enabling remote code execution. Affected component: Windows Media Player (version 9 and 10 explicitly cited; other sources describe PNG chunk handling). Root cause: improper par...

9.3CVSS7.6AI score0.48723EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.88 views

CVE-2009-0555

CVE-2009-0555 is a Windows Media Runtime issue affecting the ASF handling in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and ACM. The flaw allows remote code execution via a crafted ASF audio file that uses the Windows Media Speech codec, as described in multiple sources (MS09-...

9.3CVSS7.2AI score0.27086EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.81 views

CVE-2009-2525

CVE-2009-2525 is the Windows History: The Windows Media Runtime Heap Corruption Vulnerability. A remote code execution flaw exists in Windows Media Runtime (DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager) caused by improper initialization of unspecifi...

9.3CVSS7.4AI score0.23318EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.78 views

CVE-2004-1244

CVE-2004-1244 is a PNG-processing remote-code-execution vulnerability in Windows Media Player 9 (WMP9) that occurs when parsing PNG images with excessively large width/height values. Affects WMP9 and related Windows components (e.g., Windows Messenger, MSN Messenger) and can allow arbitrary code ...

7.5CVSS7.5AI score0.33199EPSS
CVE
CVE
added 2006/02/14 10:0 p.m.68 views

CVE-2006-0006

CVE-2006-0006 is a heap-based buffer overflow in Windows Media Player’s bitmap processing. A crafted BMP can trigger an overflow when the file declares a size of 0, allowing remote code execution. Affected products/versions include Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on W...

9.3CVSS7.7AI score0.53596EPSS
CVE
CVE
added 2007/08/14 9:0 p.m.67 views

CVE-2007-3037

CVE-2007-3037 is a Windows Media Player skin parsing code execution vulnerability. It stems from header handling in skin files (WMZ/WMD), causing a size mismatch between compressed and decompressed data and resulting in a heap-based buffer overflow. Affects Windows Media Player versions 7.1, 9, 1...

4CVSS7.5AI score0.21825EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.65 views

CVE-2010-2745

CVE-2010-2745 is a Windows Media Player memory corruption vulnerability affecting WMP 9–12. It arises when Windows Media Player fails to deallocate objects during a browser reload, allowing a remote attacker to execute arbitrary code by convincing a user to visit a crafted web page. Exploitation ...

9.3CVSS7.4AI score0.24248EPSS
CVE
CVE
added 2010/02/26 7:0 p.m.63 views

CVE-2010-0718

CVE-2010-0718 pertains to a buffer overflow in Microsoft Windows Media Player (versions 9 and 11.0.5721.5145) when processing crafted .mpg files. The OpenVAS entries describe a BOF condition that can trigger a denial of service (divide-by-zero) resulting in an application crash. The OpenVAS/NVD r...

4.3CVSS6.9AI score0.08869EPSS
CVE
CVE
added 2008/12/29 3:0 p.m.61 views

CVE-2008-5745

Microsoft Windows Media Player (WMP) 9–11 suffers an integer overflow in quartz.dll (DirectShow) that can be triggered by crafted WAV, SND, or MID files, causing an application crash (DoS). This aligns with CVE-2008-5745; related entries exist for CVE-2008-4927. Technical details about impact vec...

4.3CVSS6.7AI score0.21444EPSS
CVE
CVE
added 2007/08/14 9:0 p.m.59 views

CVE-2007-3035

CVE-2007-3035 is a remote code execution vulnerability in Windows Media Player skin handling. A boundary error when decompressing skin header data in WMZ/WMD skins could allow an attacker to execute arbitrary code on affected systems, with the attacker gaining the same privileges as the logged-in...

7.6CVSS7.4AI score0.25002EPSS
CVE
CVE
added 2008/11/04 8:0 p.m.58 views

CVE-2008-4927

CVE-2008-4927 affects Microsoft Windows Media Player (WMP) 9.0 through 11. The vulnerability is a denial-of-service condition caused by parsing errors in MIDI or DAT files, specifically related to the MThd Header Parsing . It allows a user-assisted attacker to crash the application. The available...

4.3CVSS6.2AI score0.04029EPSS
CVE
CVE
added 2005/05/14 4:0 a.m.56 views

CVE-2005-1574

CVE-2005-1574 affects Windows Media Player versions 9 and 10, where WMDRM-protected content could redirect users to a licensing Web site even if the auto-license setting is disabled. The connected sources describe the impact as a license-redirect vulnerability within WMDRM, but do not provide dee...

7.5CVSS6.7AI score0.04716EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.56 views

CVE-2005-2128

The CVE-2005-2128 issue affects Microsoft DirectShow (QUARTZ.DLL) used by Windows Media Player 9. A lack of validation of the AVI file’s strn element length allows a crafted .avi to cause a memory write (null byte) to an arbitrary location, enabling remote code execution. The vulnerability is exp...

5CVSS6.6AI score0.40492EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.53 views

CVE-2004-1324

The CVE-2004-1324 entry concerns the Microsoft Windows Media Player 9.0 ActiveX control. The vulnerability arises when processing a music file in Internet Explorer, where the (1) artist and (2) song fields can be used to trigger remote script execution in the Local computer zone. This exposes the...

2.6CVSS7.6AI score0.1665EPSS
CVE
CVE
added 2003/06/28 4:0 a.m.47 views

CVE-2003-0348

CVE-2003-0348 concerns the Windows Media Player 9 Series ActiveX control. The ActiveX control allows script-access to the Windows Media Library, enabling a remote attacker to view and potentially modify library data via HTML script. CERT/CC confirms script access validation weaknesses, and Micros...

6.4CVSS6.3AI score0.19935EPSS
CVE
CVE
added 2005/03/11 5:0 a.m.46 views

CVE-2003-1107

Technical details about CVE-2003-1107 are not publicly provided in the supplied documents. Monitor for updates from official advisories or vendor advisories.

5.1CVSS7.1AI score0.05182EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.46 views

CVE-2004-1325

The CVE-2004-1325 entry concerns the ActiveX control used by Windows Media Player 9.0. The getItemInfoByAtom function returns 0 if a target file does not exist, or the file size if it exists, enabling remote attackers to determine whether files exist on the local system. The description focuses o...

5CVSS6.9AI score0.15721EPSS
CVE
CVE
added 2007/09/26 10:0 p.m.46 views

CVE-2007-5095

CVE-2007-5095 affects Microsoft Windows Media Player 9 on Windows XP SP2, where WMP invokes Internet Explorer to render HTML documents embedded in certain media files (notably via the HTMLView parameter in .asx files). Root cause is the browser rendering trigger from within WMP, potentially expos...

7.5CVSS6.6AI score0.1517EPSS