Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download vulnerability.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Windows_media_player | Microsoft | 7 (including) | 7 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=97958100816503\u0026w=2
- http://www.securityfocus.com/bid/2203
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5937
- http://marc.info/?l=bugtraq\u0026m=97958100816503\u0026w=2
- http://www.securityfocus.com/bid/2203
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5937