CVE-2004-0726

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2000

Description The issue allows remote attackers to execute arbitrary script in the local computer zone. This is achieved via an ASX filename that contains javascript, which is executed in the local context in a preview panel.

Recommendations For Microsoft Windows 2000, consider disabling the Windows Media Player control as a temporary workaround until a patch is available. Restrict access to potentially malicious ASX files to minimize the risk of exploitation.