Microsoft Windows Media Player Heap Overflow Vulnerability( 14 October 2009 )

Last Update Date: 28 Jan 2011 Release Date: 14 Oct 2009 4653 Views

RISK: Medium Risk

A remote code execution vulnerability exists in Windows Media Player 6.4. An attacker could exploit the vulnerability by constructing a specially crafted ASF file that could allow remote code execution when played using Windows Media Player 6.4. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Impact

Remote Code Execution

System / Technologies affected

Microsoft Windows Media Player 6.4
Microsoft Windows 2000
Windows XP
Windows Server 2003

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch

Microsoft Windows 2000 Service Pack 4
- Microsoft Windows Media Player 6.4
Windows XP Service Pack 2 and Windows XP Service Pack 3
- Microsoft Windows Media Player 6.4
Windows XP Professional x64 Edition Service Pack 2
- Microsoft Windows Media Player 6.4
Windows Server 2003 Service Pack 2
- Microsoft Windows Media Player 6.4
Windows Server 2003 x64 Edition Service Pack 2
- Microsoft Windows Media Player 6.4

Vulnerability Identifier

CVE-2009-2527

Source

Related Link

Share with

Microsoft Windows SMBv2 Multiple Vulnerabilities( 14 October 2009 )

14 Oct 2009 4680 Views

Microsoft Windows Local Security Authority Subsystem Service (LSASS) Integer Overflow Vulnerability( 14 October 2009 )

14 Oct 2009 4796 Views