Vulnerabilities > CVE-2004-1325 - Unspecified vulnerability in Microsoft Windows Media Player 9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Windows Media Player 9.0 ActiveX Control File Enumeration Weakness. CVE-2004-1325. Remote exploit for windows platform |
| id | EDB-ID:25032 |
| last seen | 2016-02-03 |
| modified | 2004-12-18 |
| published | 2004-12-18 |
| reporter | Arman Nayyeri |
| source | https://www.exploit-db.com/download/25032/ |
| title | Windows Media Player 9.0 - ActiveX Control File Enumeration Weakness |