Unrated severityNVD Advisory· Published Dec 18, 2004· Updated Apr 16, 2026

CVE-2004-1325

Description

The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.

Affected products

Microsoft/Windows Media Player
cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/12032nvdExploitPatchVendor Advisory
marc.infonvd
exchange.xforce.ibmcloud.com/vulnerabilities/18587nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.036
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000