Back to search
CVE-2006-6134
Published: Nov 28, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1017354
vdb-entry
x_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2006-274.htm
x_refsource_CONFIRM
MS06-078
vendor-advisory
x_refsource_MS
1922
third-party-advisory
x_refsource_SREASON
VU#208769
third-party-advisory
x_refsource_CERT-VN
22971
third-party-advisory
x_refsource_SECUNIA
20061122 Windows Media ASX PlayList File Denial Of Service Vulnerability
mailing-list
x_refsource_BUGTRAQ
TA06-346A
third-party-advisory
x_refsource_CERT
oval:org.mitre.oval:def:669
vdb-entry
signature
x_refsource_OVAL
http://research.eeye.com/html/alerts/zeroday/20061122.html
x_refsource_MISC
SSRT061288
vendor-advisory
x_refsource_HP
HPSBST02180
vendor-advisory
x_refsource_HP
ADV-2006-4882
vdb-entry
x_refsource_VUPEN
21247
vdb-entry
x_refsource_BID
20061205 eEye's Zero-Day Tracker Launch
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now