CVE-2006-0005

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player versions 9 through 10

Description: A buffer overflow issue exists in the plug-in for Microsoft Windows Media Player, specifically when used in browsers other than Internet Explorer and set as the default application to handle media files. This allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Recommendations: For Microsoft Windows Media Player versions 9 through 10, consider disabling the plug-in for non-Internet Explorer browsers as a temporary workaround until a patch is available. Restrict access to handling media files to minimize the risk of exploitation. Avoid using the EMBED element with long src attributes in HTML until the issue is resolved.