[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111604

 
 

909

 
 

87185

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2006-0005Date: (C)2006-02-14   (M)2018-02-19


Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1015628
BID-16644
SECUNIA-18852
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393
ADV-2006-0575
MS06-006
TA06-045A
VU#692060
win-mediaplayer-plugin-embed-bo(24493)

CPE    7
cpe:/o:microsoft:windows-nt:2000
cpe:/o:microsoft:windows_xp::sp1:media_center
cpe:/o:microsoft:windows_xp::sp2:media_center
cpe:/o:microsoft:windows_xp:::media_center
...
CWE    1
CWE-119
OVAL    1
oval:org.mitre.oval:def:1559

© SecPod Technologies