CVE-2001-0148 – Microsoft Windows Media Player 7.0 - JavaScript URL
https://notcve.org/view.php?id=CVE-2001-0148
The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. • https://www.exploit-db.com/exploits/20528 http://archives.neohapsis.com/archives/bugtraq/2001-01/0000.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-015 https://exchange.xforce.ibmcloud.com/vulnerabilities/6227 •
CVE-2001-0137 – Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet
https://notcve.org/view.php?id=CVE-2001-0137
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. • https://www.exploit-db.com/exploits/20553 http://marc.info/?l=bugtraq&m=97958100816503&w=2 http://www.securityfocus.com/bid/2203 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-010 https://exchange.xforce.ibmcloud.com/vulnerabilities/5937 •
CVE-2000-1113 – Microsoft Windows Media Player 7.0 - '.asx' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-1113
Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability. • https://www.exploit-db.com/exploits/20427 http://www.atstake.com/research/advisories/2000/a112300-1.txt http://www.securityfocus.com/bid/1980 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-090 https://exchange.xforce.ibmcloud.com/vulnerabilities/5574 •
CVE-2000-1112 – Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script (MS00-090)
https://notcve.org/view.php?id=CVE-2000-1112
Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. • https://www.exploit-db.com/exploits/20424 http://www.securityfocus.com/bid/1976 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-090 https://exchange.xforce.ibmcloud.com/vulnerabilities/5575 •
CVE-2000-0929 – Microsoft Windows Media Player 7 - Embedded OCX Control
https://notcve.org/view.php?id=CVE-2000-0929
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability. • https://www.exploit-db.com/exploits/20240 http://marc.info/?l=bugtraq&m=97024839222747&w=2 http://www.securityfocus.com/bid/1714 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-068 https://exchange.xforce.ibmcloud.com/vulnerabilities/5309 •