Windows Media Player Skin Handling Code Execution Vulnerabilities - Secunia Advisories - Vulnerability Information

Vulnerability Information

Vulnerability Scanning

Community

Blog

Corporate Information

Home > Vulnerability Information > Secunia Advisories > Windows Media Player Skin Handling Code Execution Vulnerabilities

Secunia Advisories

Advisories

Advisories by Product

Business Solutions Restricted

Partner Solutions Restricted

About

Windows Media Player Skin Handling Code Execution Vulnerabilities

Secunia Advisory:

SA26433

Advisory Toolbox:

Issue ticket

Save in to-do list

Mark as handled

Exploit information

Download as PDF

Review actions

Add comment

Release Date:

2007-08-14

Last Update:

2007-08-15

Popularity:

17,257 views

Critical:

Highly critical

Impact:

System access

Where:

From remote

Solution Status:

Vendor Patch

Software:

Microsoft Windows Media Player 10.x
Microsoft Windows Media Player 11.x
Microsoft Windows Media Player 7.x
Microsoft Windows Media Player 9.x

Binary Analysis:

BA206 :: Available for 1 Credit

Secunia CVSS-2 Score:

Available in Secunia business solutions

Subscribe:

Instant alerts on relevant vulnerabilities

Advisory Content (Page 2 of 3)

[ 1 ] [ 2 ] [ 3 ]

Secunia is hiring, read about the open positions here!

Solution:
Apply patches.

Windows Media Player 7.1 for Windows 2000 SP4:
http://www.microsoft.com/downloads/de...=9f46b1fc-ee7b-437f-9492-67d003711021

Windows Media Player 9 for Windows 2000 SP4 / Windows XP SP2:
http://www.microsoft.com/downloads/de...bd4a6474-5fde-415e-840e-7d973cb71c95

Windows Media Player 10 for Windows XP SP2:
http://www.microsoft.com/downloads/de...=48f5a9d3-b859-4cb6-a68e-abde76a14782

Windows Media Player 10 for Windows XP Professional X64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=949580be-cbb3-4271-8ca0-0ead7f2d8801

Windows Media Player 10 for Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/de...=8d9f1fdf-6d4c-44d4-9b5f-bdbe8ac28d7f

Windows Media Player 10 for Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=2c04c7f2-728e-43bd-8574-26e411fcd129

Windows Media Player 11 for Windows XP SP2:
http://www.microsoft.com/downloads/de...=a690d042-1137-4aaf-bd0e-565ea04d1f2b

Windows Media Player 11 for Windows XP Professional X64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/de...=bdc89f34-c1ff-46ab-b52d-c02d51c5c373

Windows Media Player 11 for Windows Vista:
http://www.microsoft.com/downloads/de...=80e5167c-4f75-4ce3-8b15-2f50958deec8

Windows Media Player 11 for Windows Vista x64 Edition:
http://www.microsoft.com/downloads/de...=bf30b714-d6e7-47ea-b79e-84c18370a661

Provided and/or discovered by:
Discovered by Piotr Bania and reported via ZDI.

Changelog:
2007-08-15: Added additional information from ZDI.

Original Advisory:
MS07-047 (KB936782):
http://www.microsoft.com/technet/security/Bulletin/MS07-047.mspx

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-07-046.html
http://www.zerodayinitiative.com/advisories/ZDI-07-047.html

Change Page:
[ 1 ] [ 2 ] [ 3 ]

Track this Secunia Advisory

Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory

Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

Today

New advisories:	10
New vulnerabilities:	107
Updated advisories:	24

Highly // 62 views

Red Hat update for java-1.6.0-sun

Highly // 74 views

SUSE Update for Multiple Packages

Highly // 89 views

Spam Inspector EasyMail SMTP Object ActiveX Control Vulnerability

Less // 75 views

Debian update for cups

Highly // 144 views

Oracle Document Capture EasyMail ActiveX Control Vulnerabilities

Highly // 254 views

Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Moderately // 155 views

Red Hat update for tomcat

Highly // 184 views

HP-UX update for JRE / JDK

Highly // 159 views

Red Hat update for libvorbis

Less // 217 views

CUPS "kerberos" Cross-Site Scripting Vulnerability

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.