Vulnerabilities > CVE-2002-0340 - Unspecified vulnerability in Microsoft Windows Media Player

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2002-06-25

Updated: 2016-10-18

Summary

Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Windows Media Player - Microsoft Windows Media Player 6.3 Microsoft Windows Media Player 6.4 Microsoft Windows Media Player 7 Microsoft Windows Media Player 7.1 Microsoft Windows Media Player 8 Microsoft Windows Media Player 8.00.00.4477	7

References

http://marc.info/?l=bugtraq&m=101447771102582&w=2