CVE-2006-6134

Name of the Vulnerable Software and Affected Versions Windows Media Player version 10.00.00.4036

Description The issue is related to a heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash, and potentially execute arbitrary code. This can be achieved through a long HREF attribute using an unrecognized protocol in a REF element in an ASX PlayList file.

Recommendations For Windows Media Player version 10.00.00.4036, consider disabling the WMCheckURLScheme function as a temporary workaround until a patch is available. Restrict access to ASX PlayList files to minimize the risk of exploitation. Avoid using unrecognized protocols in REF elements until the issue is resolved.