Unrated severityNVD Advisory· Published Dec 18, 2004· Updated Apr 16, 2026

CVE-2004-1324

Description

The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.

Affected products

Microsoft/Windows Media Player
cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/12031nvdExploitPatchVendor Advisory
marc.infonvd
exchange.xforce.ibmcloud.com/vulnerabilities/18576nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000