CVE-2006-0005

Sažetak

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Reference

http://secunia.com/advisories/18852
http://securitytracker.com/id?1015628
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=393
http://www.kb.cert.org/vuls/id/692060
http://www.securityfocus.com/bid/16644
http://www.us-cert.gov/cas/techalerts/TA06-045A.html
http://www.vupen.com/english/advisories/2006/0575
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-006
https://exchange.xforce.ibmcloud.com/vulnerabilities/24493
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1559

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-04-2019 - 14:27

Objavljeno

14-02-2006 - 19:06