Windows XP is flawed in the way it extracts attribute information from audio files such as .mp3 and .wma. The vulnerability is in Windows XP itself, not in Media Player.
A user only needs to open a network folder that contains malicious files, or hover the mouse over the icon of a malicious file on a web page or in a local folder. This also affects emails in programs like Outlook and Outlook Express that have such files attached.
The problem is that certain data which Windows XP extracts automatically is not handled correctly. These attributes can be manipulated to cause a buffer overflow, which allows malicious persons to create .mp3 and .wma files that can execute arbitrary code.
It does not help to uninstall Media Player.
Solution: Secunia recommends that you take action as soon as possible. If you have installed the Outlook Email Security Update, emails cannot automatically launch the malicious file; however, if a user clicks on the icon/link, malicious code will still be executed.
Subject: Windows XP Desktop buffer overflow