Vulnerability in N/a
CVE-2007-3037
Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and trigg…
EPSS: 0.601 (98.3th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- TA07-226A (x_refsource_CERT, third-party-advisory)
- 26433 (x_refsource_SECUNIA, third-party-advisory)
- 36385 (x_refsource_OSVDB, vdb-entry)
- 1018565 (vdb-entry, x_refsource_SECTRACK)
- MS07-047 (x_refsource_MS, vendor-advisory)
- ADV-2007-2871 (vdb-entry, x_refsource_VUPEN)
- www.zerodayinitiative.com/advisories/ZDI-07-046.html (x_refsource_MISC)
- 25307 (vdb-entry, x_refsource_BID)
- oval:org.mitre.oval:def:2207 (x_refsource_OVAL, signature, vdb-entry)
- 20070814 ZDI-07-046: Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)