[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-0005

Date: (C)2006-02-14   (M)2017-10-12 


Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1015628
BID-16644
SECUNIA-18852
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393
ADV-2006-0575
MS06-006
TA06-045A
VU#692060
win-mediaplayer-plugin-embed-bo(24493)

CPE    7
cpe:/o:microsoft:windows-nt:2000
cpe:/o:microsoft:windows-nt:xp
cpe:/o:microsoft:windows_xp:::x64
cpe:/o:microsoft:windows_xp::sp1:media_center
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:1559

© 2013 SecPod Technologies