// For flags

CVE-2004-0726

 

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Windows Media Player control in Microsoft Windows 2000 allows remote attackers to execute arbitrary script in the local computer zone via an ASX filename that contains javascript, which is executed in the local context in a preview panel.

El control de Windows Media Player en Windows 2000 permite a atacantes remotos ejecutar script de su elección en la zona de ordenador local mediante un nombre de fichero ASX que contiene javascript, que es ejecuado en el contexto local en el panel de vista previa.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2004-07-22 CVE Reserved
  • 2004-07-23 CVE Published
  • 2023-06-30 EPSS Updated
  • 2024-08-08 CVE Updated
  • 2024-08-08 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
 Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*-
Affected
Microsoft
Search vendor "Microsoft"
 Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp1
Affected
Microsoft
Search vendor "Microsoft"
 Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp2
Affected
Microsoft
Search vendor "Microsoft"
 Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp3
Affected
Microsoft
Search vendor "Microsoft"
 Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*sp4
Affected