Vulnerability in Microsoft Windows_media_player

CVE-2010-1042

Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the proven…

EPSS: 0.416 (97.5th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_media_player — versions 11, 11.0.6000.6324, 11.0.5721.5145
N/a — versions n/a

References

38790 (Exploit, vdb-entry, x_refsource_BID)
win-mediaplayer-avi-code-execution(57205) (vdb-entry, x_refsource_XF)