ID CVE-2007-3035
Summary Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:windows_media_player:7.1:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:windows_media_player:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:windows_media_player:10:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:windows_media_player:11:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 16-10-2018 - 16:47)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
oval via4
accepted 2007-09-27T08:57:39.760-04:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
  • name Jeff Cheng
    organization Opsware, Inc.
definition_extensions
  • comment Windows Media Player v7.1 is installed.
    oval oval:org.mitre.oval:def:1386
  • comment Windows Media Player v9 is installed.
    oval oval:org.mitre.oval:def:2147
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Windows Media Player v10 is installed.
    oval oval:org.mitre.oval:def:2172
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Windows Media Player v11 is installed.
    oval oval:org.mitre.oval:def:2126
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Windows Server 2003 (x64) is installed
    oval oval:org.mitre.oval:def:730
  • comment Microsoft Windows Server 2003 SP1 for Itanium is installed
    oval oval:org.mitre.oval:def:1205
  • comment Windows Media Player v10 is installed.
    oval oval:org.mitre.oval:def:2172
  • comment Microsoft Windows Server 2003 SP2 (x86) is installed
    oval oval:org.mitre.oval:def:1935
  • comment Microsoft Windows Server 2003 SP2 (x64) is installed
    oval oval:org.mitre.oval:def:2161
  • comment Microsoft Windows Server 2003 (ia64) SP2 is installed
    oval oval:org.mitre.oval:def:1442
  • comment Windows Media Player v10 is installed.
    oval oval:org.mitre.oval:def:2172
  • comment Microsoft Windows Vista is installed
    oval oval:org.mitre.oval:def:228
  • comment Windows Media Player v11 is installed.
    oval oval:org.mitre.oval:def:2126
description Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Windows Media Player Code Execution Vulnerability Decompressing Skins."
family windows
id oval:org.mitre.oval:def:1352
status accepted
submitted 2007-08-15T09:28:35
title Windows Media Player Code Execution Vulnerability Decompressing Skins
version 73
refmap via4
bid 25305
bugtraq 20070814 ZDI-07-047: Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability
cert TA07-226A
misc http://www.zerodayinitiative.com/advisories/ZDI-07-047.html
sectrack 1018565
secunia 26433
vupen ADV-2007-2871
xf win-mediaplayer-skin-header-code-execution(35895)
Last major update 16-10-2018 - 16:47
Published 14-08-2007 - 21:17
Last modified 16-10-2018 - 16:47
Back to Top