Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5095

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5095
Last Modified 15 Nov 2008 01:59:40
Published 26 Sep 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5095

Summary

Microsoft Windows Media Player (WMP) 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expect to run, as demonstrated by the HTMLView parameter in an .asx file.

Vulnerable Systems

Application

  • Microsoft Windows Media Player 9


References

BUGTRAQ - 20070918 RE: security notice: Backdooring Windows Media Files

BUGTRAQ - 20070918 re: security notice: Backdooring Windows Media Files

BUGTRAQ - 20070918 security notice: Backdooring Windows Media Files

BUGTRAQ - 20070918 Re: security notice: Backdooring Windows Media Files

MISC - http://www.gnucitizen.org/blog/backdooring-windows-media-files

OSVDB - 41093


Last Updated: 27 May 2016 10:46:04