Windows Media Player Remote Code Execution Risk via Malformed Skin Files
CVE-2007-3035

Currently unrated

Key Information:

Vendor

Microsoft
Status
Windows Media Player
Vendor
CVE Published:
14 August 2007

What is CVE-2007-3035?

A vulnerability has been identified in Microsoft Windows Media Player versions 7.1, 9, 10, and 11 that could allow remote attackers to execute arbitrary code on the affected system. This is achieved through the manipulation of specially crafted skin files (WMZ or WMD) where improper handling of header information during decompression can lead to execution of malicious code. Users of the affected versions are encouraged to update to the latest patches to mitigate potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/25305
vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://www.us-cert.gov/cas/techalerts/TA07-226A.html
third-party-advisoryx_refsource_CERT

EPSS Score

52% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.