CVE-2001-0137

Name of the Vulnerable Software and Affected Versions: Windows Media Player version 7

Description: The issue allows remote attackers to execute malicious Java applets in Internet Explorer clients. This is achieved by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag.

Recommendations: For Windows Media Player version 7, consider disabling the execution of Java applets from skin files as a temporary workaround until a patch is available. Restrict access to the skin.wmz file to minimize the risk of exploitation. Avoid using the codebase parameter in applet tags to reference skins from untrusted sources.