25 results (0.007 seconds)

CVSS: 9.3EPSS: 79%CPEs: 7EXPL: 0

Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability." Desbordamiento de búfer basado en memoria dinámica (heap) en Microsoft Windows Media Player v6.4, permite a atacantes remotos ejecutar código de su elección a través de un archivo ASF manipulado o (2) a través de un contenido para difusión (streaming) manipulado, también conocida como "Vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap) WMP". • http://www.us-cert.gov/cas/techalerts/TA09-286A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-052 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6184 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 12%CPEs: 53EXPL: 0

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via vectors that employ NTLM credential reflection, aka "SPN Vulnerability." Microsoft Windows Media Player v6.4, Windows Media Format Runtime v7.1 a v11, y Windows Media Services v4.1, v9, y 2008 no usan apropiadamente el identificador Service Principal Name (SPN) al validar respuestas a peticiones de autenticación, lo que permite a servidores remotos ejecutar código de su elección mediante vectores que emplean reflexión de credenciales NTLM, alias "Vulnerabilidad SPN". • http://secunia.com/advisories/33058 http://www.securityfocus.com/bid/32653 http://www.securitytracker.com/id?1021372 http://www.securitytracker.com/id?1021373 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/3388 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5942 • CWE-255: Credentials Management Errors •

CVSS: 10.0EPSS: 22%CPEs: 10EXPL: 0

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability." Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 hasta 11, y Windows Media Services 4.1 y 9 incorrectamente asociados a direcciones ISATAP con la zona Intranet local, el cual permite a los servidores remotos capturar credenciales NTLM, y ejecutar arbitrariamente código a través de un ataque "credential-reflection", enviado una petición de autenticación, alias "Vulnerabilidad ISATAP ". • http://secunia.com/advisories/33058 http://www.securityfocus.com/bid/32654 http://www.securitytracker.com/id?1021374 http://www.securitytracker.com/id?1021375 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/3388 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5689 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 89%CPEs: 3EXPL: 2

Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 file, possibly a related issue to CVE-2007-6402. Desbordamiento de búfer basado en pila en mplayer2.exe en Microsoft Windows Media Player (WMP) 6.4, cuando es usado con el codec 3ivx 4.5.1 o 5.0.1, permite a atacantes remotos ejecutar código de su elección mediante cierto fichero .mp4, posiblemente un asunto relacionado con CVE-2007-6402. • https://www.exploit-db.com/exploits/4702 http://securityreason.com/securityalert/3453 http://www.securityfocus.com/archive/1/484779/100/0/threaded http://www.securityfocus.com/bid/26773 http://www.securitytracker.com/id?1019064 http://www.vupen.com/english/advisories/2007/4141 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.0EPSS: 59%CPEs: 4EXPL: 0

Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins." Microsoft Windows Media Player versiones 7.1, 9, 10 y 11 permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo skin (WMZ o WMD) con información de encabezado creada que causa una falta de coincidencia de tamaño entre los datos comprimidos y descomprimidos y desencadena un desbordamiento de búfer en la región heap de la memoria, también se conoce como "Windows Media Player Code Execution Vulnerability Parsing Skins." This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed skin files (WMZ). A size compressed / decompressed size mismatch can result in an under allocated heap buffer which can be leveraged by an attacker to eventually execute arbitrary code under the context of the current user. • http://secunia.com/advisories/26433 http://securitytracker.com/id?1018565 http://www.osvdb.org/36385 http://www.securityfocus.com/archive/1/476533/100/0/threaded http://www.securityfocus.com/bid/25307 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2871 http://www.zerodayinitiative.com/advisories/ZDI-07-046.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-047 https://oval.cisecurity.org/rep • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •