CVSS: 9.3EPSS: 26%CPEs: 10EXPL: 0CVE-2015-1728
https://notcve.org/view.php?id=CVE-2015-1728
10 Jun 2015 — Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability." Microsoft Windows Media Player 10 hasta 12 permite a atacantes remotos ejecutar código a través de un DataObject manipulado en un sitio web, también conocido como 'vulnerabilidad de DataObject a través de RCE Windows Media Player.' • http://www.securitytracker.com/id/1032522 • CWE-17: DEPRECATED: Code •
CVSS: 7.8EPSS: 30%CPEs: 1EXPL: 10CVE-2014-2671 – GOM Video Converter 1.1.0.60 - '.wav' Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2014-2671
30 Mar 2014 — Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file. Microsoft Windows Media Player (WMP) 11.0.5721.5230 permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado a través de un archivo WAV manipulado. • https://www.exploit-db.com/exploits/32483 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 40%CPEs: 5EXPL: 0CVE-2013-3127 – Microsoft Windows Media Player WMV Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3127
10 Jul 2013 — The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Code Execution Vulnerability." El códec de vídeo Microsoft WMV en wmv9vcm.dll, wmvdmod.dll en Windows Media Format Runtime v9 y v9.5, y wmvdecod.dll en Windows Media Format Runtime 11 y Windows Media Player v11 y v12 p... • http://www.us-cert.gov/ncas/alerts/TA13-190A • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 60%CPEs: 28EXPL: 1CVE-2010-2745 – Mozilla Firefox 3.5.10/3.6.6 - 'WMP' Memory Corruption Using Popups
https://notcve.org/view.php?id=CVE-2010-2745
13 Oct 2010 — Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability." Microsoft Windows Media Player (WMP) v9 hasta v12 no asigna adecuadamente ojetos durante la acción de recarga de buscador, lo que permite a atacantes asistidos por usuarios remotos ejecutar código de su el... • https://www.exploit-db.com/exploits/15242 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 48%CPEs: 3EXPL: 2CVE-2010-1042 – Microsoft Windows Media Player 11 - '.AVI' File Colorspace Conversion Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1042
22 Mar 2010 — Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Microsoft Windows Media Player 11 no convierte correctamente el colorspace, lo que permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) o posi... • https://www.exploit-db.com/exploits/33770 •