CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2002-0340
https://notcve.org/view.php?id=CVE-2002-0340
03 May 2002 — Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content. • http://marc.info/?l=bugtraq&m=101447771102582&w=2 •
CVSS: 8.8EPSS: 17%CPEs: 1EXPL: 0CVE-2001-0719
https://notcve.org/view.php?id=CVE-2001-0719
06 Dec 2001 — Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file. • http://online.securityfocus.com/archive/1/202470 •
CVSS: 8.8EPSS: 9%CPEs: 3EXPL: 0CVE-2001-0541
https://notcve.org/view.php?id=CVE-2001-0541
20 Sep 2001 — Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file. Desbordamiento de buffer en el Reproductor de Medios de Windows 7.1 y anteriores que permite a atacantes remotos ejecutar comandos arbitrarios mediante un fichero malformado de Windows Media Station (.nsc) • http://www.securityfocus.com/archive/1/187001 •
CVSS: 5.3EPSS: 37%CPEs: 2EXPL: 0CVE-2001-0243
https://notcve.org/view.php?id=CVE-2001-0243
27 Jun 2001 — Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files. • http://www.securityfocus.com/bid/2765 •
CVSS: 8.8EPSS: 12%CPEs: 3EXPL: 1CVE-2001-0242
https://notcve.org/view.php?id=CVE-2001-0242
24 May 2001 — Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090. • http://www.kb.cert.org/vuls/id/187528 •
CVSS: 8.3EPSS: 13%CPEs: 1EXPL: 2CVE-2001-0148 – Microsoft Windows Media Player 7.0 - JavaScript URL
https://notcve.org/view.php?id=CVE-2001-0148
07 May 2001 — The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. • https://www.exploit-db.com/exploits/20528 •
CVSS: 8.8EPSS: 5%CPEs: 1EXPL: 2CVE-2001-0137 – Microsoft Windows Media Player 7.0 - '.wmz' Arbitrary Java Applet
https://notcve.org/view.php?id=CVE-2001-0137
12 Mar 2001 — Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. • https://www.exploit-db.com/exploits/20553 •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 2CVE-2000-1112 – Microsoft Windows Media Player 7.0 - '.wms' Arbitrary Script (MS00-090)
https://notcve.org/view.php?id=CVE-2000-1112
09 Jan 2001 — Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability. • https://www.exploit-db.com/exploits/20424 •
CVSS: 8.8EPSS: 17%CPEs: 2EXPL: 2CVE-2000-1113 – Microsoft Windows Media Player 7.0 - '.asx' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-1113
09 Jan 2001 — Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability. • https://www.exploit-db.com/exploits/20427 •
CVSS: 6.5EPSS: 23%CPEs: 1EXPL: 2CVE-2000-0929 – Microsoft Windows Media Player 7 - Embedded OCX Control
https://notcve.org/view.php?id=CVE-2000-0929
19 Dec 2000 — Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability. • https://www.exploit-db.com/exploits/20240 •