PT-2010-4260 · Microsoft · Windows Media Player
Published
2010-10-13
·
Updated
2023-12-07
·
CVE-2010-2745
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Windows Media Player versions 9 through 12
Description
The issue arises from improper deallocation of objects during a browser reload action when handling crafted media content referenced in an HTML document. This allows user-assisted remote attackers to execute arbitrary code.
Recommendations
For Microsoft Windows Media Player versions 9 through 12, update to a version that properly deallocates objects during browser reload actions to prevent arbitrary code execution.
Exploit
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows Media Player