Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0228

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0228
Last Modified 10 Sep 2008 03:18:19
Published 27 May 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0228

Summary

Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location.

Vulnerable Systems

Application

  • Microsoft Windows Media Player 7.1

  • Microsoft Windows Media Player Xp


References

CERT-VN - VU#384932

BID - 7517

MS - MS03-017

BUGTRAQ - 20030507 Windows Media Player directory traversal vulnerability

XF - mediaplayer-skin-code-execution(11953)

BUGTRAQ - 20030508 why i love xs4all + mediaplayer thingie


Last Updated: 27 May 2016 10:37:50