Buffer Overflow in Microsoft Windows Media Player Plugin for Web Browsers
CVE-2006-0005

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows 2003 Server
Windows Server 2003
Windows Xp
Windows 2000
Vendor
CVE Published:
14 February 2006

What is CVE-2006-0005?

A buffer overflow exists in the plugin for Microsoft Windows Media Player versions 9 and 10, particularly when it is used in web browsers other than Internet Explorer. This vulnerability allows remote attackers to execute arbitrary code on a user's system by crafting an HTML page with an EMBED element that contains a excessively long src attribute. Users who have set Windows Media Player as the default application for handling media files are at risk when visiting these malicious sites.

References

http://www.vupen.com/english/advisories/2006/0575
vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/16644
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/24493
vdb-entryx_refsource_XF

EPSS Score

75% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2006-0005 : Buffer Overflow in Microsoft Windows Media Player Plugin for Web Browsers