Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1847

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1847
Last Modified 05 Sep 2008 04:31:40
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1847

Summary

Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.

Vulnerable Systems

Application

  • Microsoft Windows Media Player 6.3

  • Microsoft Windows Media Player 6.4

  • Microsoft Windows Media Player 7

  • Microsoft Windows Media Player 7.1

  • Microsoft Windows Media Player Xp


References

BID - 5357

XF - mediaplayer-mplay32-filename-bo(9727)


Last Updated: 27 May 2016 10:37:30