|
 |
|
Windows Media Player ActiveX Control Two Vulnerabilities
|
|
|
|
|
Secunia Advisory:
|
SA13578
|
|
|
Release Date:
|
2004-12-20
|
|
Last Update:
|
2005-01-06
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Manipulation of data
Exposure of system information
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Partial Fix
|
|
| Software: | Microsoft Windows Media Player 9.x
|
| | CVE reference: | CVE-2004-1324 (Secunia mirror)
CVE-2004-1325 (Secunia mirror)
|
|
|
|
|
|
Description:
Arman Nayyeri has discovered two vulnerabilities in Microsoft Windows Media Player, which can be exploited by malicious people to disclose system information, and modify or disclose some sensitive information.
1) An error in the "getItemInfoByAtom()" function in the Windows Media Player ActiveX control can be exploited by e.g. a malicious web site to determine the presence and size of local files.
2) Some errors in the "setItemInfo()" and "getItemInfo()" functions in the Windows Media Player ActiveX control can be exploited by e.g. a malicious web site to modify or disclose local media information (e.g. artist, album, and song name of a .wma file).
The vulnerabilities have been confirmed on a fully patched system with Microsoft Windows Media Player 9 and Microsoft Windows 2000 SP4 / XP SP1 / XP SP2.
Solution:
Microsoft Windows XP:
Update to version 10.
http://www.microsoft.com/downloads/de...-80d5-cde4bbe07999&displaylang=en
Set security level to high for the "Internet" zone (disable ActiveX support).
Provided and/or discovered by:
Arman Nayyeri
Changelog:
2005-01-06: Added CVE references.
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
6 Related Secunia Security Advisories
|
|
|
1. Windows Media Player Skin Handling Code Execution Vulnerabilities
|
|
2. Windows Media Player PNG Processing Buffer Overflow
|
|
3. Windows Media Player Bitmap File Processing Vulnerability
|
|
4. Microsoft Various Products PNG Image Parsing Vulnerabilities
|
|
5. Microsoft Windows Media Player DHTML Local Zone Access
|
|
6. Microsoft Windows Media Player ActiveX Media Library Manipulation
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
