PT-2004-2247 · Microsoft · Windows Media Player+1
Arman Nayyeri
·
Published
2004-12-18
·
Updated
2017-07-11
·
CVE-2004-1324
CVSS v2.0
2.6
Low
| Vector | AV:N/AC:H/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Microsoft Windows Media Player version 9.0
Description:
The issue allows remote attackers to execute arbitrary web script in the Local computer zone. This can occur via the
artist or song fields of a music file when the file is processed using Internet Explorer.Recommendations:
For Microsoft Windows Media Player version 9.0, consider disabling the ActiveX control temporarily to minimize the risk of exploitation. Restrict access to music files that could be used to trigger the issue until a fix is available.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Internet Explorer
Windows Media Player