CVE-2003-0228

Name of the Vulnerable Software and Affected Versions: Windows Media Player version 7.1 Windows Media Player for Windows XP

Description: A directory traversal issue allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.

Recommendations: For Windows Media Player version 7.1, consider disabling the skins feature until a patch is available. For Windows Media Player for Windows XP, restrict access to skins files to minimize the risk of exploitation.