VYPR

Windows Media Player

by Microsoft

CVEs (75)

  • CVE-2001-0719Dec 6, 2001
    risk 0.01cvss epss 0.17

    Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.

  • CVE-2001-0541Sep 20, 2001
    risk 0.01cvss epss 0.16

    Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file.

  • CVE-2001-0243Jun 27, 2001
    risk 0.01cvss epss 0.18

    Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows…

  • CVE-2023-29370Jun 13, 2023
    risk 0.00cvss epss 0.01

    Windows Media Remote Code Execution Vulnerability

  • CVE-2023-23402Mar 14, 2023
    risk 0.00cvss epss 0.01

    Windows Media Remote Code Execution Vulnerability

  • CVE-2023-23401Mar 14, 2023
    risk 0.00cvss epss 0.01

    Windows Media Remote Code Execution Vulnerability

  • CVE-2023-21802Feb 14, 2023
    risk 0.00cvss epss 0.01

    Windows Media Remote Code Execution Vulnerability

  • CVE-2022-44668Dec 13, 2022
    risk 0.00cvss epss 0.01

    Windows Media Remote Code Execution Vulnerability

  • CVE-2021-33740Jul 14, 2021
    risk 0.00cvss epss 0.03

    Windows Media Remote Code Execution Vulnerability

  • CVE-2008-4927Nov 4, 2008
    risk 0.00cvss epss 0.04

    Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial of service (application crash) via a malformed (1) MIDI or (2) DAT file, related to "MThd Header Parsing." NOTE: the provenance of this information is unknown; the details are…

  • CVE-2005-1574May 14, 2005
    risk 0.00cvss epss 0.05

    Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled.

  • CVE-2003-1107Dec 31, 2003
    risk 0.00cvss epss 0.05

    The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.

  • CVE-2002-0615Jul 3, 2002
    risk 0.00cvss epss 0.06

    The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".

  • CVE-2002-0373Jul 3, 2002
    risk 0.00cvss epss 0.02

    The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through…

  • CVE-2002-0340Jun 25, 2002
    risk 0.00cvss epss 0.04

    Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via…

Page 4 of 4