Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows Media Player
Total 53 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-1574 1 Microsoft 1 Windows Media Player 2018-08-13 7.5 HIGH N/A
Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled.
CVE-2003-0604 1 Microsoft 1 Windows Media Player 2018-08-13 7.5 HIGH N/A
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL.
CVE-2009-1331 1 Microsoft 1 Windows Media Player 2017-09-28 9.3 HIGH N/A
Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to cause a denial of service (application crash) via a crafted .mid file, as demonstrated by crash.mid.
CVE-2007-6236 1 Microsoft 1 Windows Media Player 2017-09-28 5.0 MEDIUM N/A
Microsoft Windows Media Player (WMP) allows remote attackers to cause a denial of service (application crash) via a certain AIFF file that triggers a divide-by-zero error, as demonstrated by kr.aiff.
CVE-2014-2671 1 Microsoft 1 Windows Media Player 2017-08-28 6.8 MEDIUM N/A
Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
CVE-2010-1042 1 Microsoft 1 Windows Media Player 2017-08-16 4.3 MEDIUM N/A
Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .AVI file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-0718 1 Microsoft 1 Windows Media Player 2017-08-16 4.3 MEDIUM N/A
Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file.
CVE-2004-1325 1 Microsoft 1 Windows Media Player 2017-07-10 5.0 MEDIUM N/A
The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns a 0 if the file does not exist and the size of the file if the file exists, which allows remote attackers to determine the existence of files on the local system.
CVE-2004-1324 1 Microsoft 1 Windows Media Player 2017-07-10 2.6 LOW N/A
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
CVE-2003-1107 1 Microsoft 1 Windows Media Player 2017-07-10 5.1 MEDIUM N/A
The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions.
CVE-2002-0340 1 Microsoft 1 Windows Media Player 2016-10-17 7.5 HIGH N/A
Windows Media Player (WMP) 8.00.00.4477, and possibly other versions, automatically detects and executes .wmf and other content, even when the file's extension or content type does not specify .wmf, which could make it easier for attackers to conduct unauthorized activities via Trojan horse files containing .wmf content.
CVE-2008-4927 1 Microsoft 1 Windows Media Player 2008-11-04 4.3 MEDIUM N/A
Microsoft Windows Media Player (WMP) 9.0 through 11 allows user-assisted attackers to cause a denial of service (application crash) via a malformed (1) MIDI or (2) DAT file, related to "MThd Header Parsing." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2002-1844 1 Microsoft 1 Windows Media Player 2008-09-05 7.2 HIGH N/A
Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges.