CVE-2007-5095

Name of the Vulnerable Software and Affected Versions Microsoft Windows Media Player (WMP) 9 on Windows XP SP2

Description The issue allows remote attackers to potentially exploit vulnerabilities in software the user does not expect to run. This is demonstrated by the HTMLView parameter in an .asx file, where Microsoft Windows Media Player invokes Internet Explorer to render HTML documents contained inside some media files, regardless of the default web browser configured.

Recommendations For Microsoft Windows Media Player 9 on Windows XP SP2, consider disabling the HTML rendering feature in media files to minimize the risk of exploitation. Avoid using the HTMLView parameter in .asx files until the issue is resolved.