Vulnerabilities > Microsoft > Windows Media Player > 6.4

DATE CVE VULNERABILITY TITLE RISK
2009-10-14 CVE-2009-2527 Buffer Errors vulnerability in Microsoft Windows Media Player 6.4
Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."
network
microsoft CWE-119
critical
9.3
2008-12-10 CVE-2008-3010 Information Exposure vulnerability in Microsoft Windows Media Player 6.4
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."
network
low complexity
microsoft CWE-200
critical
10.0
2007-12-17 CVE-2007-6401 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6402.
network
3ivx microsoft CWE-119
critical
9.3
2006-12-13 CVE-2006-4702 Remote ASF File Buffer Overflow vulnerability in Microsoft products
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
network
microsoft
6.8
2002-12-31 CVE-2002-1847 Unspecified vulnerability in Microsoft Windows Media Player
Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument.
network
low complexity
microsoft
7.5
2002-07-03 CVE-2002-0372 Path Disclosure vulnerability in Windows Media Player IE Cache
Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".
network
low complexity
microsoft
7.5
2002-06-25 CVE-2002-0340 Unspecified vulnerability in Microsoft Windows Media Player
Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.
network
low complexity
microsoft
7.5
2001-12-06 CVE-2001-0719 Buffer Overflow vulnerability in Microsoft Windows Media Player 6.4
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.
network
low complexity
microsoft
7.5
2001-09-20 CVE-2001-0541 Buffer Overflow vulnerability in Microsoft Windows Media Player .NSC File
Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file.
network
low complexity
microsoft
7.5
2001-06-27 CVE-2001-0243 Unspecified vulnerability in Microsoft Windows Media Player 6.4/7
Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files.
network
low complexity
microsoft
5.0