(MS06-006) Microsoft Windows Media Player Plugin Code Execution
- Type: Buffer Overflow
- Impact of exploitation: Remote Code Execution
- User Interaction: User interaction is needed
- Attack Vector: Website or e-mail with malicious content
- Rating: High
- CVE reference: CVE-2006-0005
- Vendor Status: Responded and patched
- Vulnerable systems: Windows 2000 SP4, Windows XP SP1, Windows XP SP2, Windows Media Player All, Windows 2003 SP0 - SP1
- Summary: The Microsoft Windows Media Player browser plugin contains a flaw that may allow for code execution when initializing on malicious websites.
Description
Microsoft Windows Media Player (WMP) is an industry standard media playback application. A WMP-based plugin can be used by web browsers other than Internet Explorer (IE) to display media. A code execution vulnerability is present in some versions of the WMP plugin. This vulnerability can be exploited to execute arbitrary code on affected systems. This vulnerability is the result of improper handling of values associated with the HTML embed tag used to load the plugin.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the update from Microsoft (KB911564): http://www.microsoft.com/technet/security/bulletin/MS06-006.mspx
McAfee Product Mitigation
McAfee Host IPS
- Signature: Generic Buffer Overflow
- Signature identifier: 428
- Release date: 3/14/2006
- First released in: security content update 366
Additional Resources
Microsoft Security Bulletin: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564)
http://www.microsoft.com/technet/security/bulletin/MS06-006.mspx
Timeline
- 2/22/2006: Exploit code has been released.
- 2/22/2006: Exploit code has been released.
- 2/17/2006: Exploit code has been released.
- 2/17/2006: Exploit code has been released.
- 2/14/2006: Vendor has provided a patch.