CVE-2001-0243

Name of the Vulnerable Software and Affected Versions Windows Media Player versions 7 and earlier

Description The issue allows remote attackers to read certain files due to the way Windows Media Player stores Internet shortcuts. Specifically, it stores them in a user's Temporary Files folder with a fixed filename, instead of in the Internet Explorer cache. This causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone.

Recommendations For Windows Media Player versions 7 and earlier, consider restricting access to sensitive files as a temporary workaround until a patch is available. Avoid using Windows Media Player to open Internet shortcuts from untrusted sources.