ID |
CVE-2004-1324
|
Summary |
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 2.6 (as of 11-07-2017 - 01:30) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
HIGH |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bid | 12031 | bugtraq | 20041218 MS Windows Media Player 9 Vulns (2) | xf | mediaplayer-mp3-code-execution(18576) |
|
Last major update |
11-07-2017 - 01:30 |
Published |
18-12-2004 - 05:00 |
Last modified |
11-07-2017 - 01:30 |