CVE-2004-1324

Properties

Published:
17.12.2004
Updated:
20.10.2005
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:R/AC:H/Au:NR/C:N/I:C/A:N/B:N) Approximated
    Product:
    Microsoft: Windows Media Player

    Vulnerability description

    The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.

    References:

    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110352518211306&w=2
    BID: http://www.securityfocus.com/bid/12031
    XF: http://xforce.iss.net/xforce/xfdb/18576
    BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110352518211306&w=2