Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 28/11/2006 Updated: 17/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote malicious users to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows media player 10.00.00.4036

CWE-119 http://www.securityfocus.com/bid/21247 http://research.eeye.com/html/alerts/zeroday/20061122.html http://blogs.technet.com/msrc/archive/2006/12/07/public-proof-of-concept-code-for-asx-file-format-isssue.aspx http://www.kb.cert.org/vuls/id/208769 http://secunia.com/advisories/22971 http://securitytracker.com/id?1017354 http://support.avaya.com/elmodocs2/security/ASA-2006-274.htm http://www.us-cert.gov/cas/techalerts/TA06-346A.html http://securityreason.com/securityalert/1922 http://www.vupen.com/english/advisories/2006/4882 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A669 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-078 http://www.securityfocus.com/archive/1/454969/100/200/threaded http://www.securityfocus.com/archive/1/453579/100/0/threaded http://www.securityfocus.com/archive/1/452352/100/0/threaded https://nvd.nist.gov https://www.kb.cert.org/vuls/id/208769

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-6134

Vulnerability Summary

References

Vulmon Search

About

Products

Connect