Remote Code Execution Vulnerability in Microsoft Windows Media Player
CVE-2010-0268

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Media Player; Windows 2000
Vendor: CVE Published:; 14 April 2010

Summary

This vulnerability exists within the Windows Media Player ActiveX control, which allows remote attackers to execute arbitrary code on affected systems by exploiting crafted media content. Specifically, this affects versions of Windows Media Player 9 on Microsoft Windows 2000 SP4 and Windows XP SP2 and SP3. Users are advised to apply the relevant security updates immediately to mitigate potential risks associated with this security flaw.

References

http://www.us-cert.gov/cas/techalerts/TA10-103A.html

third-party-advisoryx_refsource_CERT

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

61% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2010
Vulnerability Reserved
Jan 7, 2010