Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:MAL-WMV-MEDIA |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Windows Media Player Malformed Media Player File Code Execution |
Release Date |
2010/10/11 |
Update Number |
1790 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Windows Media Player Malformed Media Player File Code Execution
This signature detects attempts to exploit a known vulnerability in Microsoft Media Player. A successful attack can result in arbitrary code execution with the privileges of the targeted user.
Extended Description
Microsoft Windows Media Player is prone to a remote code-execution vulnerability when handling specially crafted media content. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application, which can compromise the application and possibly the computer. The issue affects the following: Windows Media Player 9 series Windows Media Player 10 Windows Media Player 11 Windows Media Player 12
Affected Products
- Avaya aura_conferencing Standard
- Avaya callpilot
- Avaya communication_server_1000_telephony_manager
- Avaya meeting_exchange-client_registration_server
- Avaya meeting_exchange-recording_server
- Avaya meeting_exchange-streaming_server
- Avaya meeting_exchange-web_conferencing_server
- Avaya meeting_exchange-webportal
- Avaya messaging_application_server
- Microsoft windows_media_player 10.0
- Microsoft windows_media_player 11
- Microsoft windows_media_player 12
- Microsoft windows_media_player 9.0
References
- BugTraq: 43772
- CVE: CVE-2010-2745